Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
2.	Applicant’s arguments filed 02/03/2022, with respect to the rejection(s) of claims 1-13 were unpatentable under 35 U.S.C. §103 based upon U.S. Pub. No. 2018/0292522 (Cavendish) in view of U.S. Pub. No. 2017/0346852 (Chhabra) have been fully considered. However, upon further consideration, a new ground(s) of rejection is made in view of amended claims.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

3.	Claims 1-13 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20180292522 hereinafter Cavendish in view of U.S. Publication No. .

As per claim 1, Cavendish discloses:
A method for detecting relay attacks between two communication platforms (para 0002 “In some variations, an example method for secure range determination is provided’), comprising:
receiving, at a first communication platform, a first signal sent via a first communication medium from a second communication platform (para 0077 “The procedure 400 includes transmitting 410, by the first wireless device (i.e., the responder device 202 of FIG. 2), a first signed message at a first time instance (e.g., the time instance T1 of FIG. 2), with the first signed message comprising a first payload and configured to be received by a second wireless device (e.g., an initiator device, such as the initiator device 204 of FIG. 2) at a second time instance (e.g., the time instance T2 of FIG. 2). The first signed message may be transmitted in response to an initial request (e.g., a timing measurement request message) sent by the initiator device.”),
the first signal being encrypted (para 0078 “As noted herein, the first signed message may be part of a message exchange (e.g., where the various messages are generated and configured according to, for example, an FTM- based RTT protocol). The nonce value that may be included in the first payload (and/or subsequent payloads used with subsequent messages) may be some unique value that generally varies between consecutive transmitted message, or

receiving, at the first communication platform. a second signal sent via a second communication medium from the second communication platform, wherein the second signal is a start clock (para 0080 “With continued reference to FIG. 4, the procedure 400 further includes receiving 420 at a fourth time instance (e.g., corresponding to the time instance T4 of FIG. 2), by the first wireless device, a verifiable acknowledgement message (e.g., the message 240 of FIG. 2), transmitted from the second wireless device at a third time instance (e.g., at T3 of FIG. 2) in response to the first signed message, with
Para 0081 “As described herein, in some embodiments, the verifiable acknowledgement message may include a signed acknowledgement message, with a payload including one or more of, for example, the first identifier associated with the first wireless device, the second identifier associated with the second wireless device, timing information associated with the acknowledgement message (e.g., timestamp of T2, which corresponds to the time at which the first signed message arrived at the initiator device, or a timestamp for T3, which may be an approximation of the time-of-departure for the signed acknowledgement of T3), and/or the nonce value.”):
receiving, at the first communication platform, a third signal sent via the
second communication medium from the second communication platform, the third signal including the challenge (para 0082 “For example, in some variations, receiving the verifiable acknowledgement message may include further receiving, by the first wireless device, subsequent to receiving the verifiable acknowledgement message at the fourth time instance, a further signed message with a further payload from the second wireless device within a threshold time period following the receiving the verifiable acknowledgement message at the fourth time instance, by the first wireless device, with the further signed message being configured to indicate that the verifiable acknowledgement message was transmitted by the second wireless device. Means for further receiving, by the first wireless device, subsequent to receiving 
outputting, from the first communication platform, a response to the
challenge via the first communication medium to the second communication platform, wherein the response is encrypted (para 0087 “With continued reference to FIG. 4, responsive to a verification that the received acknowledgement message originated from the second wireless device (i.e., the verifiable acknowledgement message is deemed to have originated from the initiator device), the first, responder, wireless device, transmits 440 a second signed message comprising a second payload with at least timing information for the first time instance and the fourth time instance at which the first wireless device received the verifiable acknowledgement message. As with the first signed message, the second signed message is generated by producing the payload (e.g., the timing information, device identifiers, a nonce value, etc.), and deriving a hash value based on the payload and using the responder device's secret cryptographic key. The timing information in the second signed message

and determining, at the second communication platform whether a relay attack has occurred based on a time elapsed from when the start clock began to when the response is received at the second communication platform (para 0084 “Verifying the signed acknowledgement message may be performed by using a cryptographic hash function that is applied to the received message (the payload and signature portion) using a cryptographic key associated with the initiator device, to authenticate the acknowledgement message (e.g., that the signature was generated using the correct secret key of the initiator device, and thus that the message originated from a legitimate device). If the acknowledgement message is verified, the responder device accepts the acknowledgement message. If the acknowledgement message is not verified, the RTT exchange process may be terminated.” Para 0086 “In embodiments where a random delay is used to implement the verifiable acknowledgement message, the implementation may be made more robust, in terms of improving its ability to detect an attacker, by repeating the RTT message exchange process multiple times (e.g., two, three, or more times), and checking that all computed RTTs


Cavendish does not disclose:
first signal including information about where to retrieve a challenge 
a second communication medium different than the first communication medium

Chhabra discloses: 
first signal including information about where to retrieve a challenge (Fig. 4, para 0043 “The method 400 begins with operation 404, where first wireless communication device 310 generates an |_Nonce value. |_Nonce may be a randomly generated value comprising any number of random bytes. For 
may be generated for each communication session initiated between first and second wireless communication devices 310 and 320. A communication session may represent a time period beginning when first wireless communication device 310 sends a measurement request and ending when the first wireless communication device 310 sends a stop signal.” Para 0048 “In operation 418, second wireless communication device 320 sends the generated R_Nonce value back to first wireless communication device 310, which is then received in operation 420. In operation 422, first wireless communication device 310 derives the transient key using a substantially similar process as second wireless communication device 320 in operation 416. For example, first wireless communication device 310 may also derive the transient key by inputting the |_Nonce, R_Nonce, and pre-shared key values into a pseudo random function generator that implements the same randomization algorithm as the pseudo random function generator used by second wireless communication device 310. In other words, because both first and second wireless communication devices 310 and 320 input the same |_Nonce, R_Nonce, and pre-shared key values (assuming that both devices belong to the same cloud-based account) into substantially similar pseudo random function generators, both first and second wireless communication devices 310 and 320 should derive the same transient key.” Para 0049 “If the transient keys derived by first and second wireless communication devices 310 and 320 (operations 416 and 422, respectively) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for secure range determination of Cavendish to include first signal including information about where to retrieve a challenge, as taught by Chhabra.
The motivation would have been to secure and effectively determine a challenge/response scheme for device authentication.

Cavendish in view of Chhabra and Kohli does not disclose:
a second communication medium different than the first communication medium

	Kohli discloses:
a second communication medium different than the first communication medium (para 0006 “In one aspect, method for authenticating a cardholder for a candidate purchase using an authentication computing device in communication with a memory is provided. The method includes receiving an authentication profile associated with the cardholder during an enrollment process for an authentication service, storing the authentication profile within the memory, and 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for secure range determination of Cavendish in view of Chhabra and Kohli to include a second communication medium different than the first communication medium, as taught by Kohli.
The motivation would have been to secure and effectively determine a challenge/response scheme for device authentication.

As per claim 2, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 1, wherein the second communication platform determines that the relay attack has occurred when the time elapsed from when Cavendish Fig. 2, para 0006, 0041, and 0065).

As per claim 3, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 1, wherein the second communication platform determines that the relay attack has not occurred when the time elapsed from when the start clock began to when the response is received at the second communication platform is below a predetermined threshold (Cavendish Fig. 2, para 0064, 0065 and 0067).

As per claim 4, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 1. wherein the information about where to retrieve the challenge includes a frequency of the challenge (Cavendish Fig. 4, para 0082).

As per claim 5, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 1, wherein the third signal is transmitted with cryptographically random noise (Cavendish para 0046, 0063, 0066, and 0082). 

As per claim 6, Cavendish in view of Chhabra and Kohli discloses:



As per claim 7, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 6, wherein the hand-held device is a smartphone or a key fob (Cavendish para 0043, 0044, and 0052).

As per claim 8, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 1, wherein the first communication medium comprises Bluetooth or Wi-Fi (Cavendish para 0009 and 0039).

As per claim 9, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 1, wherein the second communication medium comprises ultra-wideband (Cavendish para 0097).

As per claim 10, the implementation of the claim 1 will execute the method of claim 10. The claim is analyzed with respect to claim 1.

As per claim 11, the claim is analyzed with respect to claim 2.

As per claim 12, Cavendish in view of Chhabra and Kohli discloses:
The method of claim 10, wherein when it is determined that the relay attack has occurred, the second communication device ignores the response sent from the first communication device (Cavendish para 0064).

As per claim 13, the claim is analyzed with respect to claim 8.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2491