DETAILED ACTION
This notice is in response to the amended claims filed on 01/14/2022 following the examiner-initiated interview of 01/07/2022.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The text of those sections of the Title 35 U.S. Code not included in this section can be found in the prior office action.
The prior office actions are incorporated herein by reference, in particular the observations with respect to claim language and the response to previously presented arguments.
Claims 1, 3, 7-8, 11, and 14 have been amended.
Claims 2, 12, and 15 have been cancelled.
Claims 1, 3-11, 13-14, and 16-17 are pending.

Interview Summary
Examiner initiated an Examiner Interview on 01/07/2022. Applicant and Examiner discussed potential amendments to the claims to overcome the art as cited with regards to Camenisch et al. (NPL: "Anonymous Attestation with Subverted TPMs", August 2017) and newly identified Chen et al. (20090210716). Examiner and Applicant discussed incorporating language regarding the intermediate processing system lacking access to the private key to differentiate against the disclosure of Camenisch, and further incorporating language regarding the randomized revocation tokens in the modified message to differentiate against the host system of Chen. Applicant subsequently filed a claim set with amended language on 01/14/2022 to be entered via examiner’s amendment.

Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the applicant, an amendment may be filed as provisioned by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for examiner’s amendment was given in email received from applicant on January 14, 2022 to amend claims 1, 3, 7-8, 11, and 14 as herein, and to cancel claims 2, 12, and 15.
The application has been amended as follows:

CLAIMS:
Claim 1 (Currently Amended): A computer-implemented method comprising: 
receiving, with an intermediate processing system, an original message from a trusted execution environment, the original message comprising an original digital signature authored by the trusted execution environment; 
computing, with the intermediate processing system, a zero-knowledge proof of knowledge for the original digital signature without accessing a private key and without accessing a share of a private key; and 
modifying the original message by replacing the original digital signature with the proof of knowledge, 
wherein the method further comprises: 
receiving a request for remote attestation of a reference binary from a remote verifier; 
calculating, with the trusted execution environment and in response to the remote attestation request, the original digital signature based on the reference binary, wherein the original digital signature comprises an original revocation token and the modifying of the original message comprises replacing the original revocation token with a randomized revocation token; and 
transmitting, to the verifier, the modified original message comprising the proof of knowledge and the randomized revocation token.  

Claim 2 (Canceled).  

Claim 3 (Currently Amended): The method of claim 1, wherein the original message comprises the original revocation token prepared by the trusted execution environment and the method comprises: randomizing the original revocation token; modifying the original message by replacing the original revocation token with the randomized revocation token.  

Claim 7 (Currently Amended): The method of claim 1, wherein a host processing system comprises the intermediate processing system and the trusted execution environment, and the intermediate processing system performs the receiving, the computing, and the modifying. 
 
Claim 8 (Currently Amended): The method of claim 1, comprising: 
from the remote verifier.  

January 14, 2022, Attorney Docket No. 817137

Claim 11 (Currently Amended): A processing system comprising: one or more hardware processors configured to: 
receive an original message from a trusted execution environment, the original message comprising an original digital signature authored by the trusted execution environment; 
compute a zero-knowledge proof of knowledge for the original digital signature such that the proof of knowledge is computed without accessing a private key and without accessing a share of a private key; and 
modify the original message by replacing the original digital signature with the proof of knowledge 
wherein the one or more processors are further configured to: 
receive a request for remote attestation of a reference binary from a remote verifier; 
calculate, within the trusted execution environment and in response to the remote attestation request, the original digital signature based on the reference binary, wherein the original digital signature comprises an original revocation token and the one or more processors are configured to modify the original message by replacing the original revocation token with a randomized revocation token; and 
transmit, to the verifier, the modified original message comprising the proof of knowledge and the randomized revocation token.  

Claim 12 (Canceled).  

Claim 14 (Currently Amended): A non-transitory computer-readable medium comprising code for configuring one or more processors to: receive an original message from a trusted execution environment, the original message comprising an original digital signature authored by the trusted execution environment; 
compute a zero-knowledge proof of knowledge for the original digital signature such that the proof of knowledge is computed without considering a private key and without considering a share of a private key; and 
modify the original message by replacing the original digital signature with the proof of knowledge, 
wherein the non-transitory computer-readable medium further comprises code for configuring the one or more processors to: 
receive a request for remote attestation of a reference binary from a remote verifier; 
calculate, within the trusted execution environment and in response to the remote attestation request, the original digital signature based on the reference binary, wherein the original digital signature comprises an original revocation token and the code for modifying the original message comprises code for configuring the one or more processors to replace the original revocation token with a randomized revocation token; and 
transmit, to the verifier, the modified original message comprising the proof of knowledge and the randomized revocation token.  

Claim 15 (Canceled).  

Allowable Subject Matter
Claims 1, 3-11, 13-14, and 16-17 are allowed. The following is an examiner’s statement of reasons for allowance (in accordance with MPEP 1302.14): The primary reason for allowance of the foregoing claims is the inclusion of a limitation in the independent claim which is not found in prior art references. Specifically, amended claim 1 recites, inter alia, “computing, with the intermediate processing system, a zero-knowledge proof of knowledge for the original digital signature without accessing a private key and without accessing a share of a private key; and modifying the original message by replacing the original digital signature with the proof of knowledge, wherein the method further comprises: receiving a request for remote attestation 
Art found of record, e.g., Camenisch et al. (NPL: “Anonymous Attestation with Subverted TPMs”; August 2, 2017) teaches receiving an original message from a TEE comprising a digital signature authored by the TEE, computing a zero-knowledge proof of knowledge for the signature, and modifying the original message by replacing the original digital signature with the proof of knowledge (see, e.g., as identified in the Final Rejection dated 07/27/2021). Yet, Camenisch appears to fail to specifically disclose computing, with an intermediate processing system, a zero-knowledge proof on a signature without accessing a private key, and replacing the message with both the zero-knowledge proof and randomized revocation token. Other prior art, e.g., Chen (US20090210716) teaches a direct anonymous attestation system, wherein a host system is unable to learn the secret signing key held by the TPM when modifying the signature (see, e.g., Chen at [0003], and [0107-141]), yet fails to teach modifying the message with both the randomized token and proof of knowledge. Ateniese et al. (NPL: “Subversion-Resilient Signatures: Definitions, Constructions and Applications”; October 30, 2015) discloses a tamper-proof firewall used to sanitize a signature to protect against subversion of the signature algorithm, wherein the signature is re-randomized (see, e.g., Ateniese at abstract), yet similarly fails to remedy the aforementioned deficiency.
None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious all features of the invention of the present application claim 1 at or before the time it was filed. Independent claim(s) 11 and 14 similarly have been amended to recite language directed to the aforementioned subject matter. Dependent claims 3-10, 15 (of claim 1) 13-14, and 17 (of claim 11) incorporate the limitations of their parent claim, and are allowable for at least the same rationale.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.

Conclusion
21. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365.  The examiner can normally be reached on Monday-Thursday, & Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 5712723787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available 

/J.R.W./Examiner, Art Unit 2438
/TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438