Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This Office Action is sent in response to Applicant’s Communication received on 16 August 2020 for application number 16/994,600. The Office hereby acknowledges receipt of the following and placed of record in file: Oath/Declaration, Abstract, Specification, Drawings, and Claims.
Claims 1 – 28 are presented for examination.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 28 October 2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Drawings
The applicant’s drawings submitted are acceptable for examination purposes.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 1 – 28 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.

Claim 1 recites “compute a first sequence s(td) of ceiling(log2N) bits by applying a function s, which maps to N different values, to a tag td of a data item d, N being less than M, compute one of the addresses from s(td) and a second sequence ud of one or more bits representing a class of d, and perform an operation selected from the group of operations consisting of: writing d to the memory location having the computed address, and reading d from the memory location having the computed address.”  It is unclear as to what exactly is being claimed with the claim language containing variables/functions.  The claim limitations should be written out to clearly provide an understanding of the claimed inventive concept.  Claims 2 – 7, 9 – 19, and 21 – 24 recite similar language regarding variables/functions and are rejected with like reasoning.  Claims 8 and 20 depend from claims 7 and 19 respectively, and a subsequently rejected.

Claim 25 recites “write the data item… having the computed address and/or read the data item…” in the last limitation.  The “and/or” is indefinite language.  Examiner suggests using just “and” in place of “and/or” to claim the desired functionality of both writing and reading, similar to claims 1 and 13.  Claims 26 – 28 depend from claim 25 and are subsequently rejected.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 25 – 28 are rejected under 35 U.S.C. 103 as being unpatentable over Durham et al. [hereafter as Durham], US Pub. No. 2020/0201789 A1 in view of DeHon [hereafter as DeHon], US Pub. No. 2017/0177367 A1.

As per claim 25, Durham discloses a system, comprising: 
a memory, comprising a plurality of memory locations having different respective addresses [“Embodiments disclosed in this application are related to base address encryption in which a pointer to a memory location for data is encoded with a tag and/or other metadata and may be used to derive at least a portion of tweak input to data/code cryptographic (e.g., encryption and decryption) algorithms and address cryptographic algorithms.”] [para. 0048]; and 
a processor [“Cryptographic computing embodiments disclosed herein may leverage the concept of a cryptographic addressing layer where the processor decrypts software allocated memory base addresses (linear/virtual address space, sometimes referred to as "pointers") based on context information (e.g., implicit and explicit metadata, a cryptographic context identifier, metadata encoded in the pointer, etc.). As used herein, a "tweak" may refer to, among other things, an extra input to a block cipher, in addition to the usual plaintext or ciphertext input and the key (e.g., secret key 116(1)). A tweak comprises one or more bits that represent a value.”] [para. 0054], configured to:
compute one of the addresses [base address] from (i) a first sequence of bits derived from a tag of a data item [address metadata may include a tag of randomized bits associated with the indirect address], and (ii) a second sequence of bits representing a class of the data item [other metadata (or context information) can be encoded in the unused bits of indirect address … type of the data or code (e.g., class of data…] [“Embodiments disclosed in this application are related to base address encryption in which a pointer to a memory location for data is encoded with a tag and/or other metadata and may be used to derive at least a portion of tweak input to data/code cryptographic (e.g., encryption and decryption) algorithms and address cryptographic algorithms.”] [para. 0048] [“The tag/version can be used as part of a tweak to encrypt and decrypt the base address slice encoded in the indirect address. The tag/version can also be used as part of a tweak to encrypt and decrypt the data or code that the base address references.”] [para. 0063] [“These instructions can provide the indirect address (or pointer) as a parameter along with context information that may be used as part of a tweak for decrypting the base address slice embedded in the indirect address.”] [para. 0066] [“In at least some other embodiments that will be further described herein, other metadata (or context information) can be encoded in the unused bits of indirect address 114 such as a memory allocation size (e.g., bytes of allocated memory referenced by the indirect address), a type of the data or code (e.g., class of data or code defined by programming language), and/or permissions (e.g., read, write, and execute permissions of the indirect address), a location of the data or code (e.g., address combined with the size of the data or code), the memory location where the pointer itself is to be stored, an ownership of the data or code, a privilege level (e.g., user or supervisor), a cryptographic context identifier (or crypto context ID) (e.g., randomized or deterministically unique value for each indirect address), etc. In other embodiments, such context information may not be encoded in the indirect address but instead, may be accessed statically when it is embedded in the code stream or accessed dynamically via a table look-up in memory. In some embodiments, the address metadata may include a tag of randomized bits associated with the indirect address to make the tag unpredictable for an adversary. An adversary may try to guess the tag value so that the adversary is able to access the memory referenced by the pointer, and randomizing the tag value may make it less likely that the adversary will successfully guess the value compared to a deterministic approach for generating the tag value. In some embodiments, the pointer may include a version number determining current ownership of the referenced allocated data in time instead of or in addition to a randomized tag value. Even if an adversary is able to guess the current tag value or version number for a region of memory, e.g. because the algorithm for generating the version numbers is predictable, the adversary may still be unable to correctly generate the corresponding encrypted portion of the pointer due to the adversary not having access to the key that will later be used to decrypt that portion of the pointer.”] [para. 0065], and 200 205 218
write the data item to the memory location having the computed address [base address encryption in which a pointer to a memory location for data] and/or read the data item from the memory location having the computed address [memory access operation (e.g., a read, write, or execute operation] [“Embodiments disclosed in this application are related to base address encryption in which a pointer to a memory location for data is encoded with a tag and/or other metadata and may be used to derive at least a portion of tweak input to data/code cryptographic (e.g., encryption and decryption) algorithms and address cryptographic algorithms.”] [para. 0048] [“The address encrypting logic 158 encrypts the selected slice of the base address using the secret address key 116(1) and an address tweak, as described further below. On a memory access operation (e.g., a read, write, or execute operation), the address decoding logic 162 decodes the previously-encoded indirect address 114.”] [para. 0075].
However, Durham does not explicitly disclose a plurality of memory locations.
DeHon teaches a plurality of memory locations [“Similarly, element 1001a denotes a tag on an instruction of the PC 1008e, 1001b denotes tags of instructions 1008b, 1001c denotes tags of memory locations 1008a, and 1001d denotes tags of registers 1008c.”] [para. 0244].
Durham and DeHon are analogous art aimed to improve memory performance in storage systems.
[DeHon, para. 0244].

As per claim 26, Durham in view of DeHon discloses the system according to claim 25, Durham discloses wherein the processor is further configured to compute the first sequence of bits by applying a function [encryption algorithm], which maps to N different values, to the tag of the data item, N being less than a number of the memory locations [computing device 100 decrypts the encrypted portion of the encoded address, using the decryption algorithm counterpart of the encryption algorithm used in block 422 of FIG. 4, and using the same secret key and tweak as used by the encryption algorithm in block 422 of FIG] [“In block 510, the computing device 100 obtains the encoded indirect address (e.g., the encoded address 206, which may be obtained from a register 112). In block 512, the computing device 100 determines whether the encoded address obtained in block 510 has unused or non-canonical bits. If the computing device 100 determines that the encoded address does not have unused/non-canonical bit (e.g., the address doesn't fall within the non-canonical, or otherwise reserved, range of addresses, whether the address range is 32-bit, 64-bit, 128-bit or whatever range an alternate architecture may require), a fault is raised (514). If the computing device 100 determines that the encoded address has unused/non-canonical bits (e.g., the address falls within the non-canonical or reserved address range), the computing device 100 proceeds to block 516. In block 516, the computing device 100 decrypts the encrypted portion of the encoded address, using the decryption algorithm counterpart of the encryption algorithm used in block 422 of FIG. 4, and using the same secret key and tweak as used by the encryption algorithm in block 422 of FIG. 4. An example process for decoding and decrypting the indirect address having an encrypted base address (EBA) format is shown and described herein.”] [para. 0111].

As per claim 27, Durham in view of DeHon discloses the system according to claim 26, 
wherein the function is a first function [“In block 516, the computing device 100 decrypts the encrypted portion of the encoded address, using the decryption algorithm counterpart of the encryption algorithm used in block 422 of FIG. 4, and using the same secret key and tweak as used by the encryption algorithm in block 422 of FIG. 4. An example process for decoding and decrypting the indirect address having an encrypted base address (EBA) format is shown and described herein.”] [para. 0111], and 
wherein the processor is configured to compute the address [indirect address in EBA format] by applying a second function, which maps to any one of the addresses, to a combination of the first sequence of bits with the second sequence of bits [In addition, for an indirect address in EBA format, plaintext upper address bits may be retrieved statically from an operand, or dynamically from memory, and concatenated with the decrypted slice of the base address] [“If the decrypted address contains unused/non-canonical bits, then in block 520, the computing device 100 returns the decrypted indirect address to its original (e.g., canonical) form by, for example, removing the unused/non-canonical bits. In addition, for an indirect address in EBA format, plaintext upper address bits may be retrieved statically from an operand, or dynamically from memory, and concatenated with the decrypted slice of the base address. Furthermore, if the address is aligned to a certain byte boundary, then the appropriate number of bits corresponding to the byte boundary may be concatenated to the decrypted slice of the base address to form the least significant bits. For example, three bits may be concatenated if the base address is aligned to an 8-byte boundary. Finally, an offset in the indirect address may be added to the decrypted and decoded base address.”] [para. 0112].

As per claim 28, Durham in view of DeHon discloses the system according to claim 26, 
wherein the function is a first function [“In block 516, the computing device 100 decrypts the encrypted portion of the encoded address, using the decryption algorithm counterpart of the encryption algorithm used in block 422 of FIG. 4, and using the same secret key and tweak as used by the encryption algorithm in block 422 of FIG. 4. An example process for decoding and decrypting the indirect address having an encrypted base address (EBA) format is shown and described herein.”] [para. 0111], and 
wherein the processor is configured to compute the address by: 
computing a third sequence of bits by applying a second function to the second sequence of bits [Examiner is interpreting claim 28 as another iteration of the claim limitation of claim 27, which Durham discloses] [In addition, for an indirect address in EBA format, plaintext upper address bits may be retrieved statically from an operand, or dynamically from memory, and concatenated with the decrypted slice of the base address] [“If the decrypted address contains unused/non-canonical bits, then in block 520, the computing device 100 returns the decrypted indirect address to its original (e.g., canonical) form by, for example, removing the unused/non-canonical bits. In addition, for an indirect address in EBA format, plaintext upper address bits may be retrieved statically from an operand, or dynamically from memory, and concatenated with the decrypted slice of the base address. Furthermore, if the address is aligned to a certain byte boundary, then the appropriate number of bits corresponding to the byte boundary may be concatenated to the decrypted slice of the base address to form the least significant bits. For example, three bits may be concatenated if the base address is aligned to an 8-byte boundary. Finally, an offset in the indirect address may be added to the decrypted and decoded base address.”] [para. 0112], and 
combining the first sequence of bits with the third sequence of bits [Examiner is interpreting claim 28 as another iteration of the claim limitation of claim 27, which Durham discloses] [In addition, for an indirect address in EBA format, plaintext upper address bits may be retrieved statically from an operand, or dynamically from memory, and concatenated with the decrypted slice of the base address] [“If the decrypted address contains unused/non-canonical bits, then in block 520, the computing device 100 returns the decrypted indirect address to its original (e.g., canonical) form by, for example, removing the unused/non-canonical bits. In addition, for an indirect address in EBA format, plaintext upper address bits may be retrieved statically from an operand, or dynamically from memory, and concatenated with the decrypted slice of the base address. Furthermore, if the address is aligned to a certain byte boundary, then the appropriate number of bits corresponding to the byte boundary may be concatenated to the decrypted slice of the base address to form the least significant bits. For example, three bits may be concatenated if the base address is aligned to an 8-byte boundary. Finally, an offset in the indirect address may be added to the decrypted and decoded base address.”] [para. 0112]. 

Conclusion
STATUS OF CLAIMS IN THE APPLICATION
CLAIMS REJECTED IN THE APPLICATION
Per the instant office action, claims 1 – 28 have received a first action on the merits and are subject of a first action non-final.  Claims 1 – 28 are rejected under a 112 rejection.  Claims 25 – 28 are rejected under a 103 rejection.  Based on the 112 rejected of claims 1 – 24, Examiner was not able to provide prior art to read on claims 1 – 24.

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Chou et al., US Pub. No. 2018/0121200 A1 – teaches “In another embodiment, the particular entry in the branch target cache memory may include a type bit whose value indicates whether the corresponding address tag was generated using the another address or the current address.” [para. 0007]
Sullivan et al., US Pub. No. 2022/0050904 A1 – teaches “Referring again to FIG. 1, by mapping application memory addresses to metadata memory addresses, the tag map table 142 may create an association between application data and 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD WADDY JR whose telephone number is (571)272-5156. The examiner can normally be reached M-Th 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Sanjiv Shah can be reached on (517)272-4098. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/EW/Examiner, Art Unit 2135   

/SANJIV SHAH/Supervisory Patent Examiner, Art Unit 2135