Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communication received 9/30/2020. Claims 1-16 ae pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 9/30/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 6 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 6 recites unclear statements: the second software or the second firmware: has no access to the secret key or to the seed value, and is configured to generate the   
It is not understood how the second firmware generates the signature based on input data using the seed value and the secret key (see claim 1) but does not have access to the secret key or to the seed value. Clarification is kindly requested.
Claim 6 is not rejected with prior art pending clarification of the limitation.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-11 and 13 are rejected under 35 USC 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because:
 Claims 1-11 are directed to a device comprising a cryptographic module comprising at least a processor. The broadest reasonable interpretation of a processor includes software. Therefore, the claimed device comprises software only and is not statutory. The examiner recommends amending claim 1 to have the claim recite at least a piece of hardware such as a hardware processor, or a memory ... o render the claim statutory.
Similarly, claim 13 is directed to vehicle comprising software only. In order to overcome the rejection, the examiner recommends to include at least a piece of hardware in the vehicle, such as a hardware processor or a memory. 


Invitation to Participate in DSMER Pilot Program
The present application satisfies the criteria for participation set forth in the Federal Register Notice entitled “Deferred Subject Matter Eligibility Response (DSMER) Pilot Program.” Therefore, the examiner invites applicant to participate in the DSMER pilot program. 

An applicant who accepts the invitation to participate in this pilot program must still file a reply to every Office action mailed in this application, but may defer presenting arguments or amendments in response to subject matter eligibility (SME) rejection(s) until the earlier of final disposition of the application, or the withdrawal or obviation of all other outstanding non-SME rejections. A final disposition for purposes of this pilot program occurs upon the earliest of: mailing of a notice of allowance; mailing of a final Office action; filing of a notice of appeal; filing of a request for continued examination; or abandonment of the application. Other than applicant’s ability to defer responding to SME rejections, participation in the DSMER pilot program does not alter the normal examination process (e.g., as outlined in MPEP 700), and applicant must still respond to all non-SME rejections when replying to Office actions. 

Further information about the pilot program, including an explanation of the criteria for receiving an invitation, and the conditions of participation, is provided in the Federal Register Notice announcing the program, which is available on the pilot program website https://www.uspto.gov/patents/initiatives/patent-application-initiatives/deferred-subject-matter-eligibility-response.

Applicant has two choices with respect to this invitation:
(1) Applicant may elect to participate in the DSMER pilot program. To effect this choice, applicant MUST accept this invitation by filing a completed request form PTO/SB/456 with a timely response to this Office action. The DSMER Pilot request form must be signed in accordance with 37 CFR § 1.33(b) by a person having authority to prosecute the application, and must be submitted via the USPTO’s patent electronic filing systems (EFS-Web or Patent Center). The form is available on the pilot program website https://www.uspto.gov/patents/initiatives/patent-application-initiatives/deferred-subject-matter-eligibility-response. If the form is properly completed and timely received, the application will be entered into the pilot program.

(2) Applicant may decline to participate in the pilot program. No action is required from applicant to effect this choice, because if applicant does not timely file a properly completed form PTO/SB/456, the application will not be entered into the pilot program.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 7, 11-16 are rejected under 35 U.S.C. 103 as being unpatentable over US 20080189500 to Jennings et al., hereinafter Jennings, and further in view of US 20170337380 to Domke et al., hereinafter Domke.
Regarding claim 1, Jennings discloses 
A device, comprising: a cryptographic module comprising at least one processor configured to conduct at least one cryptographic function, wherein the device is operable in a secure mode and in a non-secure mode (Fig. 4, [0048]: the cryptographic module 400 comprising processors 402,404; ; [0052]: processor 404 comprises a secure operation mode and a non-secure mode operation mode; [0058]-[0062]: conduct cryptographic functions such as authentication, encryption, digital signature, hash value generation), wherein the cryptographic module is configured in the secure mode by storing a secret key in the cryptographic module (0056]: 1st processor secret key and 2nd processor secret key are written during manufacturing i.e secure mode;), and wherein the device is operable in the non-secure mode to generate a signature based on input data utilizing the secret key and the seed value ([0070][0071]: 1st processor concatenates the random number with a message to form M, and generates a  HMAC signature over M using the 1st processor secret key, the generation of the signature is post manufacture i.e in non-secure mode).  
While Jennings discloses ([0068] Fig. 4, 430 RNG) generating a random number implicitly stored before being sent to 1st processor, the generated random number being interpreted as the seed value,  and a booting in a secure mode ([0038]), Jennings does not explicitly teach the cryptographic module is configured in the secure mode by storing a seed value in the cryptographic module; 
In an analogous art, Domke discloses generating a random seed during the first boot session of the device, stored in a manifest (interpreted as the cryptographic module) ([0029]); the random seed is used along with an internal key, burnt in the chip at manufacture to produce a sealing key ([0030][0031]). Boot stages of the boot process and other fields describing the installation of an OS in secure mode are added as SMD fields into the manifest ([0036]), meaning the 1st boot and the installation of the OS occur in safe mode. A signature is generated using an HMAC algorithm using as input: the sealing key, the SMD fields calculated during the 1st boot session (or the random seed concatenated with the SMD fields), and possibly a label ([0038]). The signed manifest can be left unencrypted and persisted in a non-volatile memory of the device  (non-secure mode) to verify the booting of the OS corresponds to OS installed in safe mode ([0039] or actual signature see Fig. 7A 714)), by reproducing the signature and comparing with the actual signature (Fig. 7A 714) . Therefore Domke teaches the limitation. It would have been obvious to a skilled artisan before the application was effectively filed to store the seed value in the secure mode as well as the secret key and 

Regarding claim 2, Jennings in view of Domke discloses the device according to claim 1, wherein the device enters the non-secure mode after a configuration of the device is concluded or after a startup phase of the device has ended (Domke: the secure more corresponds to the device from manufacture to booting and installation of OS ([0029]-[0031], [0036]). 

Regarding claim 3, Jennings in view of Domke discloses the device according to claim 1, wherein the secure mode is operated via a first software or a first firmware and the non-secure mode is operated via a second software or a second firmware (Jennings [0052]: secure engine running in secure mode, non-secure engine running in non-secure mode).

Regarding claim 4, Jennings in view of Domke discloses the device according to claim 3, wherein the first software or the first firmware is: exclusively run during the secure mode (Jennings [0038][0052]: secure engine running in secure mode, non-secure engine running in non-secure mode), configured to exclusively read the secret st processor suggesting the random number is read from memory).

Regarding claim 7, Jennings in view of Domke discloses the device according to claim 1, wherein the seed value is generated by the device or by an external device and supplied to the cryptographic module (Jennings [0038]: generating a random number implicitly stored before being sent to 1st processor, the generated random number being interpreted as the seed value([0038]).


Regarding claim 11, Jennings in view of Domke discloses the device according to claim 1, wherein the signature comprises an elliptic curve algorithm (DOmke [0097] ECDSA).  

Regarding claim 12, Jennings in view of Domke discloses the device according to claim 1, wherein the device is a hardware security module or it is part of a hardware security module (Jennings [0052]).  

Regarding claims 13, 14 and 16, the claims recite substantially the same content as claim 1 and are rejected like claim 1.

Regarding claim 15, the claim recites substantially the same content as claim 2 and is rejected like claim 2.

Claim 5 is rejected under 35 USC 103 as being unpatentable over Jennings and Domke, in view of US 20200050478 to Underwood et al., hereinafter Underwood.

Regarding claim 5, Jennings in view of Domke discloses the device according to claim 3; although Domke discloses boot stages of the boot process and other fields describing the installation of an OS are performed in secure mode ([0036]), Jennings in view of Domke does not explicitly teach wherein upon termination of the first software or the first firmware the device enters the non-secure mode.  
In an analogous art, Underwood discloses an accelerator capable of switching between a protected mode and a non-protected mode ([0031]). Underwood discloses wherein upon termination of the first software or the first firmware the device enters the non-secure mode ([0179]: interrupt the accelerator in protected mode and switch to normal mode). It would have been obvious to a skilled artisan before the application was effectively filed to enter the non-secure mode after termination of the protected mode as taught by Underwood because it would allow to clean-up the threads so they are no re-issued, freeing processing resources on the execution stack.



Claims 8-10 are rejected under 35 USC 103 as being unpatentable over Jennings and Domke, in view of US 20200136819 to Bae et al., hereinafter Bae.

Regarding claim 8, Jennings in view of Domke discloses the device according to claim 1, but does not explicitly teach: wherein the cryptographic module is configured to generate at least one random value based on the seed value.  
In an analogous art, Bae discloses a device performing electronic signatures ([0030]). Bae discloses the device comprising a random number generation module and a random number adjusting module (Fig. 3A-B); A random number generated by the random number generation module (interpreted as the seed) is used by the random number adjusting module to generate a on-time random number to generate an electronic signature ([0031]), teaching the limitation. Therefore, it would have been obvious to a skilled artisan before the application was effectively filed to derive a random number from the seed for generating a signature as taught by Bae because it would prevent unnecessary repetition until a random number satisfying a random condition is generated, and prevent excessive calculation, rendering an acceptable random number generation more efficient (Bae [0004][0005][0072]).

Regarding claim 9, Jennings in view of Domke and Bae discloses the device according to claim 8, wherein the cryptographic module is configured to determine the at least one random value based on the seed value for each signature or for each n-th signature (Bae, [0031][0073], Fig. 11C).  

Regarding claim 10, Jennings in view of Domke and Bae discloses the device according to claim 8, wherein a length of the at least one random value is larger than a length of the seed value (Bae, Fig. 9-10, case 4 to 6: length of generated random number k1’, k2’ less than length of derived random number L).  


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Bhattacharya et al 20200326963 disclose a controller (BMC) creates the digital signature based on salt (includes random number), hash value of data input, private encryption key.
Schwarz et al 20200267000 disclose using ECDSA randomized signature algorithm with a random number.
Lee et al 20190190723 disclose receiving from server a random number, signing a message including the random number and public key with the private key, sending the signed message to a server for authentication. 
Adams et al 20190123897 disclose a system to communicate via perfect forward secrecy, using a deterministic hierarchy to generate public and private keys, offline, on distinct devices, for use with asymmetrical cryptography over an unsecure medium. 
Datta et al 20060224878 disclose extending a trusted environment to pre-boot and to post-OS load environment, extends to firmware at power on, ensure a trusted environment from boot to OS launch.
Helmschmidt et al 20140359186 disclose smart meter operating a processor in a first operating mode that prohibits access to secure memory, receiving a priority interrupt PI signal, switch to second operating mode permitting access to secure memory; 
Zhao et al “Providing Root of Trust for ARM TrustZone using On-Chip SRAM”, by Zhao et al., ACM, p.25-36, 2014, discloses: a secure memory stores initial values of key and random number, derive cryptographic key from initial key and random number from initial random number, use in cryptographic operations: encryption, decryption, and hashing. 
Sun et al “TrustICE: Hardware-assisted Isolated Computing Environments on Mobile Devices”, 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 367-378, disclose an ARM processor with enabled-trust zone comprising a secure domain including a secure boot, secure OS and trusted app, and a normal domain with a rich OS and unsecure apps.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        3/25/2022