ALLOWABILITY NOTICE
Claims 21-23, 25-32 and 34-40 are pending in this action.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 6/12/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement has been considered by the examiner.


Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with Tyson Winarski on 2/9/2022.

The title is amended is follows:

BIRTHDAY ATTACK PREVENTION SYSTEM BASED ON MULTIPLE HASH DIGESTS TO AVOID COLLISIONS



The claims are amended as follows:

CLAIMS 1-20 (CANCELLED).

21.	(CURRENTLY AMENDED) A non-transitory computer readable medium containing instructions for a method for detecting collisions to prevent birthday attacks, comprising:
	hashing a first data set in one order to produce a first hash digest of the first data set and in a different order to produce a second hash digest of the first data set;
	hashing a second data set in the one order to produce a first hash digest of the second data set and in the different order to produce a second hash digest of the second data set; 
	comparing the first hash digests of the first and second data sets to determine if they are identical; and
	comparing the second hash digests for the first and second data sets to determine if they are identical, wherein a birthday attack is identified when there is a collision between the first hash digests but not the second hash digests, whereby collisions that occur when the first and second data sets are hashed in one order do not reoccur when they are hashed in a different order when the first and second data sets are different.

22.	(PREVIOUSLY AMENDED) The medium of claim 21, wherein one hash algorithm produces the first and second hash digests for the first and second data sets.

23.	(PREVIOUSLY AMENDED) The medium of claim 22, wherein the hash algorithm is selected from the group consisting of MD5, SHA-1, SHA-224, SHA-512/224, SHA-256, SHA-512/256, SHA-384, SHA-512, and SHA-3.

24.	(CANCELLED) 

25.	(CURRENTLY AMENDED) The medium of claim [[24]] 21, wherein the first and second data sets are determined to be identical when the first hash digests for the first and second data sets match and the second hash digests for the first and second hash digests for the first and second data sets match.

26.	(CURRENTLY AMENDED) The medium of claim 21, wherein the first hash digests are formed by hashing a data set

27.	(PREVIOUSLY AMENDED) The medium of claim 21, wherein the orders for hashing data sets are selected from the group consisting of hexadecimal-reverse, byte-reverse, bit-reverse, hard-disk-drive sector-reverse, hexadecimal-forward, byte-forward, bit-forward, hard-disk-drive sector-forward, and forward-reverse multiplex.


non-transitory computer readable medium containing instructions for a method for detecting collisions to prevent birthday attacks, comprising:
	hashing a first data set in two different orders 
	hashing a second data set in two different orders 
	comparing the two different hash digests of the first data set to those of the second data set, wherein a birthday attack is identified when there is a collision between one of the hash digests for the first and second data sets, but not the other, whereby collisions that occur when the first and second data sets are hashed in one order do not reoccur when they are hashed in a different order when the first and second data sets are different.

29.	(PREVIOUSLY PRESENTED) The medium of claim 28, wherein the first and second data sets are identified as different when there is a collision between one of the hash digests for the first and second data sets, but not the other.

30.	(PREVIOUSLY PRESENTED) The medium of claim 28, wherein the first and second data sets are identified as being identical when there is a collision between both hash digests for the first and second data sets.



32.	(PREVIOUSLY PRESENTED) The medium of claim 31, wherein the hash algorithm is selected from the group consisting of MD5, SHA-1, SHA-224, SHA-512/224, SHA-256, SHA-512/256, SHA-384, SHA-512, and SHA-3.

33.	(CANCELLED) 

34.	(PREVIOUSLY PRESENTED) The medium of claim 31, wherein the two different orders for hashing are a front-to-back order and a back-to-front order.

35.	(PREVIOUSLY PRESENTED) The medium of claim 31, wherein the two different orders are selected from the group consisting of hexadecimal-reverse, byte-reverse, bit-reverse, hard-disk-drive sector-reverse, hexadecimal-forward, byte-forward, bit-forward, hard-disk-drive sector-forward, and forward-reverse multiplex.

36.	(CURRENTLY AMENDED) A system for identifying collisions between data files to separate identical files from files that could produce a birthday software hacking attack, comprising:
a hardware processor configured to hash data in multiple orders with a hash algorithm;

	hashing a second data set in two different orders with the hash algorithm to produce two different hash digests; and
	comparing the two different hash digests of the first data set to those of the second data set, wherein a birthday attack is identified when there is a collision between one of the hash digests for the first and second data sets, but not the other, whereby collisions that occur when the first and second data sets are hashed in one order do not reoccur when they are hashed in a different order when the first and second data sets are different.

37.	(CURRENTLY AMENDED) The system of claim 36, wherein the first and second data sets are identified as different when there is a collision between one of the hash digests for the first and second data sets, but not the other.

38.	(CURRENTLY AMENDED) The system of claim 36, wherein the first and second data sets are identified as being identical when there is a collision between both hash digests for the first and second data sets.

39.	(CURRENTLY AMENDED) The system of claim 36, wherein one hash algorithm produces both hash digests for the first and second data sets.

system of claim 36, wherein the hash algorithm is selected from the group consisting of MD5, SHA-1, SHA-224, SHA-512/224, SHA-256, SHA-512/256, SHA-384, SHA-512, and SHA-3.

Reasons for Allowance
Claims 21-23, 25-32 and 34-40 are allowed.

The following is an examiner’s statement of reasons for allowance:  The cited prior art references, NOT AVAIL (JP H11500241 A), Hoffstein et al. (US Patent No. 6,076,163 A), Juels et al. (US PGPUB No. 2002/0029341), Huima (CN 1345498 A), Yang et al. (US PGPUB No. 2004/0236695), Zhang et al. (CN 1815948 A), Wu et al. (CN 101872338 A), Tonisson et al. (US PGPUB No. 2013/0279806), Wu et al. (US PGPUB No. 2015/0082399), Wentz et al. (US PGPUB No. 2019/0312734), Hu et al. (CN 111182510 A), Gauravaram ("Security Analysis of salt||password Hashes", IEEE, doi: 10.1109/ACSAT.2012.49, 2012, pp. 25-30), Stamp et al. ("Hash Functions," in Applied Cryptanalysis: Breaking Ciphers in the Real World , IEEE, 2007, doi: 10.1002/9780470148778.ch5, pp.193-264), Cantu et al. ("Finding hash collisions using MPI on HPC clusters", IEEE, doi: 10.1109/LISAT.2017.8001961, 2017, pp. 1-6) and Al-Odat et al. ("Constructions and Attacks on Hash Functions", IEEE, doi: 10.1109/CSCI49370.2019.00030, 2019, pp. 139-144), do not alone or in combination teach the recited features of independent claims 21, 28 and 36. While the references disclose some of the principle features of a “birthday attack”, the claimed invention recognizes a birthday attack a unique and specific way. First, “a birthday attack is .

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PETER C SHAW whose telephone number is 571-270-7179.  Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/PETER C SHAW/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        February 16, 2022