DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claims 1, 2, 6, 7, 11, 12, 16-21 are subject to examination. Claims 3-5, 8-10, 13-15 are cancelled.

Specification
Applicant’s amendment to specification dated 10/28/21 is acknowledged.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 16-21 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 16 recites the limitation “the second private cryptographic key to the second device”. There is insufficient antecedent basis for this limitation in the claim. “the second private cryptographic key to the second device” is considered as --a second private cryptographic key to the second device-- for examination purpose. 


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


New claims 16-21 are rejected under 35 USC 101 because the claimed invention is directed to non-statutory subject matter. The claims claim a system comprising a key generating center, a first device, a second device. However, the system does not necessarily comprise hardware element, as the claimed a key generating center, a first device, a second device may be implemented as. The Applicant is recommended to have the claim recite hardware implementing the key generating center, a first device, a second device, in order to render the claims statutory. For example, addition of --hardware—before “first device” and/or “center” is suggested to overcome the rejections.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as 

Claims 1, 6 and 11 are rejected under 35 U.S.C. 102 as being clearly unpatentable over Hevia Angulo et al., 2018/0302217.

Regarding claims 1, 11, Hevia-Angulo clearly teaches: a method comprising: a computer program product comprising a non-transitory computer readable storage having program instructions embodied therewith, the program instructions executable by at least one computer system, to cause each computer system to perform a method comprising:
generating a distributed cryptographic key at a key generation center (system with distributed keys, para 21, 23);_and
transmitting a first part of the distributed cryptographic key to a first other device (distribution of key piece 1 to node 1/device 1), and
transmitting a second part of the distributed cryptographic key to a second other device (distribution of key piece 2 to node 2/device 2); and
generating a distributed cryptographic signature at the first other device (generate distributed at a device of the system, para 10-12) for verification by using the second other device (second participant/node/device needed for verification, para 10-12).

Regarding claims 6, Hevia-Angulo clearly teaches:  a system comprising: a key generation center adapted to generate a distributed cryptographic key by (system for creation of distributed keys, para 21, 23);_and
transmitting a first part of the distributed cryptographic key to a first device (distribution of key piece 1 to node 1/device 1, para 25-27), and

the first device adapted to generate a distributed cryptographic signature in communication with the key generation center and the second device (created partial signature that is used for signing, partial signatures, validation of the signature, use of secret key, associated public key used by the nodes that is used for signature verification using distributed signature among the nodes/devices of the system associated with nodes, para 10-12, para 32-40); and
the second device adapted to generate the distributed cryptographic signature in communication with the first device and to verify the signature (created partial signature at another node/device that is used for signing, partial signatures, validation of the signature, use of secret key, associated public key used by the nodes that is used for signature verification using distributed signature among the nodes/devices of the system associated with nodes, para 10-12, para 32-40).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


s 2, 7 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Tiwari et al., 10498537.

Regarding claims 2, 7, 12, Hevia-Angulo teaches:
generating, at the key generation center, key pair comprising a public key (para 26);
generating, at the key generation center, a private key (para 124)  
transmitting a first part of the private key and the public key from the generation center to the first other device (para 96); and
transmitting the a second part of the private key and the public key from the key generation center to the second other device (para 96).
Hevia-Angulo does not teach, which Tiwari discloses Paillier key pair, Paillier public key, and a master secret key (master public key, master secret key, key pair, claim 6), a private key based on a user ID and on the master secret key (user’s private key based on fourth para above col., 15, line 59 – col., 16, line 8, user identifier, user’s secret key and col., 16, lines 35-48, master secret key third para above col., 15, lines 12-20.
 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Tiwari with the motivation to provide and encryption method based on user ID to easily perform private communication between user terminals without executing a separate public key certifying process (claim 6, col., 15, line 59 – col., 16, line 8). 

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Kim et cal., 20150312759.
Regarding claim 16, Hevia-Angulo teaches: a system for generating a distributed cryptographic key comprising: a key generating center; a first device; a second device, the key generating center, the first device, and the second device in communication
with each other to generate a distributed cryptographic key by (para 26, 96, 124);
  
creating a public cryptographic key (para 56, 96)

transmitting the first part of the private


transmitting  and the second private cryptographic
key to the second device (sending signature/portion of the private key with public key for combined verification, para 56)

Hevia-Angulo does not teach, which Kim discloses transmitting the public cryptographic key to the first and the second device (sending the public key along with the private key portion to another devices, para 115, 132).
 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Lundstrom with the motivation to provide the public key to the devices for the associated portions of the private key for verification. One of ordinary skilled in the art would readily know what a private key and a public key pair is and how the pair works. Providing the public key for the private key pair would enable certifying process using the private key portions and hence accomplish the verification with distributed entities (para 115, 132). 

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Kim and Boren et al., 20090106551.
Regarding claim 18, Hevia-Angulo and Kim do not disclose, which Boren discloses wherein the distributed cryptographic key is based upon an identity of the first device (claim 6, 4, to generate unique key for distribution using device specific identifier like MAC/NAM, para 158)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Boren with the motivation to provide stronger security with limiting the key based on device specific identifier such as MAC/NAM. One of ordinary skilled in the art would readily know what a key can be created using an identifier. When the identifier is limited to the device being used, the device specific identifier would enhance the security of the communication, (para 4, 158). 

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Kim and Isshiki et al., 20180145825.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Isshiki with the motivation to utilize well-known Paillier method. One of ordinary skilled in the art would readily know what is accomplished using the well-known Paillier method. The well-known Paillier method can be used to generate security key using additive/collation operators. The key would have multiple portions of the key for distribution (para 82-85). 

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Kim, Boren and Jaggi 2017/0272433.  
Regarding claim 20, Hevia-Angulo, Boren and Kim do not disclose, which Jaggi discloses using the identity of the first device as an input to a first hash function (para 15, 25).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Jaggi with the motivation to provide stronger security with limiting the key based on device specific identifier. One of ordinary skilled in the art would readily know what a key can be created using an identifier and a well-known hash function. When the identifier is limited to the device being used, the device specific identifier would enhance the security of the communication, (para 15, 25). 

Claims 1, 6 and 11 are rejected under 35 U.S.C. 102 as being clearly unpatentable over Kim et al., 2015/0312759.

Regarding claims 1, 11, Kim clearly teaches: a method comprising: a computer program product comprising a non-transitory computer readable storage having program instructions embodied therewith, the program instructions executable by at least one computer system, to cause each computer system to perform a method comprising:

transmitting a first part of the distributed cryptographic key to a first other device (distribution of key piece 1 to a device, para 115, 132), and
transmitting a second part of the distributed cryptographic key to a second other device (distribution of key piece 2 to another device, para 115, 132); and
generating a distributed cryptographic signature at the first other device (generate distributed at a device of the system, para 115, 132) for verification by using the second other device (second participant/node/device needed for verification, para 115, 132).

Regarding claims 6, Kim clearly teaches:  a system comprising: a key generation center adapted to generate a distributed cryptographic key by (system for creation of distributed keys, para 115, 132);_and
transmitting a first part of the distributed cryptographic key to a first device (distribution of key piece  to first device , para 115, 132), and
transmitting a second part of the distributed cryptographic key to a second device (distribution of another key piece to another device, para 115, 132); and
the first device adapted to generate a distributed cryptographic signature in communication with the key generation center and the second device (created partial signature that is used for signing, partial signatures, validation of the signature, use of secret key, associated public key used by the nodes that is used for signature verification using distributed signature among the nodes/devices of the system associated with nodes, para 115, 132); and
the second device adapted to generate the distributed cryptographic signature in communication with the first device and to verify the signature (created partial signature at another node/device that is used for signing, partial signatures, validation of the signature, use of secret key, associated public key used .

Claims 2, 7 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Kim in view of Tiwari.

Regarding claims 2, 7, 12, Kim teaches:
generating, at the key generation center, key pair comprising a public key (para 115, 132);
generating, at the key generation center, a private key (para 115, 132)  
transmitting a first part of the private key and the public key from the generation center to the first other device (para 115, 132); and
transmitting the a second part of the private key and the public key from the key generation center to the second other device (para 115, 132).
Kim does not teach, which Tiwari discloses Paillier key pair, Paillier public key, and a master secret key (master public key, master secret key, key pair, claim 6), a private key based on a user ID and on the master secret key (user’s private key based on fourth para above col., 15, line 59 – col., 16, line 8, user identifier, user’s secret key and col., 16, lines 35-48, master secret key third para above col., 15, lines 12-20.
 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kim with the teachings of Tiwari with the motivation to provide and encryption method based on user ID to easily perform private communication between user terminals without executing a separate public key certifying process (claim 6, col., 15, line 59 – col., 16, line 8). 

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Lundstrom et al., 20160080157.
Regarding claim 16, Hevia-Angulo teaches: a system for generating a distributed cryptographic key comprising: a key generating center; a first device; a second device, the key generating center, the first device, and the second device in communication

  
creating a public cryptographic key (para 56, 96)

transmitting the first part of the private
cryptographic key to the first device (sending signature/portion of the private key with public key for combined verification, para 56)

transmitting  and the second private cryptographic
key to the second device (sending signature/portion of the private key with public key for combined verification, para 56)

Hevia-Angulo does not teach, which Lundstrom discloses transmitting the public cryptographic key to the first and the second device (sending the public key along with the private key portion to another devices, claim 13, para 37).
 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Lundstrom with the motivation to provide the public key to the devices for the associated portions of the private key for verification. One of ordinary skilled in the art would readily know what a private key and a public key pair is and how the pair works. Providing the public key for the private key pair would enable certifying process using the private key portions and hence accomplish the verification with distributed entities (claim 13, para 37). 

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Lundstrom and Boren.
Regarding claim 18, Hevia-Angulo and Lundstrom do not disclose, which Boren discloses wherein the distributed cryptographic key is based upon an identity of the first device (claim 6, 4, to generate unique key for distribution using device specific identifier like MAC/NAM, para 158)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Boren with the motivation to provide stronger security with limiting the key based on device specific identifier such as MAC/NAM. One of ordinary skilled in the art would readily know what a key can be created using an identifier. When the identifier is limited to the device being used, the device specific identifier would enhance the security of the communication, (para 4, 158). 

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Lundstrom and Isshiki et al., 20180145825.
Regarding claim 19, Hevia-Angulo and Lundstrom do not disclose, which Isshiki discloses wherein the Paillier method is used to generate the distributed cryptographic key (well-known pallier cryptosystem for generating key for distribution using additive/collation operators, para 82-85).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Isshiki with the motivation to utilize well-known Paillier method. One of ordinary skilled in the art would readily know what is accomplished using the well-known Paillier method. The well-known Paillier method can be used to generate security key using additive/collation operators. The key would have multiple portions of the key for distribution (para 82-85). 

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Hevia-Angulo in view of Lundstrom, Boren and Jaggi 2017/0272433.  
Regarding claim 20, Hevia-Angulo, Boren and Lundstrom do not disclose, which Jaggi discloses using the identity of the first device as an input to a first hash function (para 15, 25).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hevia-Angulo with the teachings of Jaggi with the motivation to provide stronger security with limiting the key based on device specific identifier. One of ordinary skilled in the art would readily know what a key can be created using an identifier and a well-known hash function. When the identifier is limited to the device being used, the device specific identifier would enhance the security of the communication, (para 15, 25). 


Allowable Subject Matter
Claims 17 and 21 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any 
Hevia-Angulo teaches: a system for generating a distributed cryptographic key comprising: a key generating center; a first device; a second device, the key generating center, the first device, and the second device in communication
with each other to generate a distributed cryptographic key by (para 26, 96, 124);
  
creating a public cryptographic key (para 56, 96)

transmitting the first part of the private
cryptographic key to the first device(sending signature/portion of the private key with public key for combined verification, para 56)

transmitting  and the second private cryptographic
key to the second device (sending signature/portion of the private key with public key for combined verification, para 56)

Kim discloses transmitting the public cryptographic key to the first and the second device (sending the public key along with the private key portion to another devices, para 115, 132).
Hevia-Angulo and Kim do not teach, 
transmitting from the first device to the second device an indicator that a signature for the message will be transmitted;

upon receiving the first transmission, the second device computing a first intermediate value and a second intermediate value using a first random number and a second random number and transmitting to the first device the first intermediate value and the second intermediate value;

upon receiving the second transmission, the first device computing a third intermediate
value using a third random number, a fourth random number, and the message,
and transmitting to the second device the third intermediate value;

upon receiving the third transmission, the second device computing a fourth
intermediate value and a fifth intermediate value and transmitting to the first device the fourth intermediate value and the fifth intermediate value;
upon receiving the fourth transmission, the first device computing the signature for the message and transmitting to the second device the signature; and

upon receiving the signature, the second device verifying the signature by computing a sixth intermediate value and comparing the sixth intermediate value with the signature.



Response to Arguments
Applicant's arguments filed 10/28/21, pages 11-17 have been fully considered but they are not persuasive.  The claims are amended with additional limitations which alter the scope of the claimed invention. For example, In the manner claim 1 limitations are presently amended, the presently amended claim limitations were not rejected in the earlier office action. Claims 3, 4 and 5 were cancelled but not completely included in claim 1, which alter the scope that was not rejected. Accordingly, the rejections are updated. Please refer to above updated rejections. Therefore, rejection of claims 1, 2, 6, 7, 11, 12, 16-21 is maintained. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
U.S. Pat. Appl. Publ'n No. 20190165948 to Sako et al. discloses method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers.
U.S. Pat. Appl. Publ'n No. 20130054971 to Yamaguchi et al. discloses a technique for recording a digital work distributed via a network which involves the content distribution system including a key issuing device owned by an authorized authority which serves as a basis of security of the content distribution system. The key issuing device generates and issues an authorized private key and an authorized public key certificate, for each of the devices in the content distribution system.

U.S. Pat. Appl. Publ'n No. 20100235588 to Maeda et al. relates to distribution and management of a plurality of pieces of information generated by segmentation of private information that is important information such as a private key, and to a technology for restoring the original private information by using the plurality of pieces of information.
U.S. Pat. Appl. Publ'n No. 20060285683 to Anatharaman et al. discloses a method For cryptographically processing a message, method for generating a cryptographically processed message, and a method for performing a cryptographic operation on a message.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NIRAV C SHAH whose telephone number is (408)918-7592.  The examiner can normally be reached on Monday - Thursday and alternate Fridays, 7:30-4:30 PT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/HARESH N PATEL/Primary Examiner, Art Unit 2496