Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given by Ms. Raquel Pacheco (Reg. No. 58,401) on 3/18/2022.
The claims have been amended as follows: 

1.	(Currently Amended) A method, comprising:	, by one or more processors, message content of a message with an encryption key,  by performing operations comprising:
identifying a first portion of the message content designated for one or more servers;
identifying a second portion of the message content designated for a specified recipient; and
encrypting the second portion of the message content with the encryption key to generate an encrypted message;
selecting a set of recipient keys from a plurality of member keys, the set of recipient keys associated with client devices that are used by the specified recipient to access a verified member account of a social messaging system;
generating a common key for each recipient key of the set of recipient keys, each common key computed between a recipient key and a public key of a sender of the encrypted message or a client device associated with the sender of the encrypted message, to generate a set of common keys;
exchanging, with the specified recipient, a one-time nonce at specified time intervals wherein the one-time nonce is valid during a specified time period and replaces a previous one-time nonce that has a time period that has expired;
generating a symmetric key for each common key of the set of common keys by applying a key derivation function to a respective common key of the set of common keys using the one-time nonce, to generate a set of symmetric keys;
encrypting the encryption key for each symmetric key of the set of symmetric keys to generate a set of encrypted keys;
transmitting, to each client device of the client devices that is associated with each recipient key used to encrypt the encrypted key, the encrypted message, [[and]] an encrypted key of the set of encrypted keys that is associated with the recipient key for that client device that was used to encrypt the encrypted key, and the first portion of the message content, the first portion of the message content being transmitted unencrypted; and
receiving an acknowledgement indicating a termination status of the encrypted message.

2.	(Previously Presented) The method of claim 1, wherein the set of recipient keys are a set of public keys associated with the specified recipient and the one or more client devices that are used to log into a message account of the specified recipient.

3.	(Canceled)

4. (Previously Presented) The method of claim 1, wherein the encryption key is a key pair including a private key and a public key, the method further comprising:
generating the encrypted message using the private key;
encrypting the public key using the set of recipient keys to generate a set of encrypted public keys; and
transmitting the encrypted message and one of the set of encrypted public keys to the one or more client devices.

5. (Previously Presented) The method of claim 1, wherein the acknowledgement is received from a key database, the acknowledgement indicating a new recipient key for the specified recipient, the method further comprising:
receiving, from the key database storing the plurality of member keys, the new recipient key associated with the specified recipient;
encrypting the encryption key using the new recipient key to generate a new encrypted key; and
transmitting the encrypted message and the new encrypted key to one of the one or more client devices associated with the new recipient key.

6. (Previously Presented) The method of claim 1, further comprising:
selecting a plurality of recipient keys including a plurality of sets of recipient keys associated with a plurality of specified recipients, wherein the plurality of sets of recipient keys comprises the set of recipient keys and the plurality of specified recipients comprises the specified recipient;
encrypting the encryption key using the plurality of recipient keys to generate a plurality of encrypted keys;
transmitting to the plurality of specified recipients the plurality of encrypted keys and the encrypted message; and
receiving a plurality of acknowledgements indicating a termination status of the encrypted message for the plurality of specified recipients.

7.	(Canceled) 

8. (Previously Presented) The method of claim 1, further comprising:
detecting a session termination for a sending client device associated with a member, the member sending of the encrypted message;
generating a symmetric key for the sending client device and the member;
encrypting a local state of the member on the sending client device with the symmetric key; and
transmitting a member log to a key database, the member log including a member identifier, a device identifier, and the symmetric key.

9.	(Currently Amended) A system, comprising:	one or more processors; and	a non-transitory processor-readable storage medium storing processor executable instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising:	of a message with an encryption key,  by performing operations comprising:
identifying a first portion of the message content designated for one or more servers;
identifying a second portion of the message content designated for a specified recipient; and
encrypting the second portion of the message content with the encryption key to generate an encrypted message;
selecting a set of recipient keys from a plurality of member keys, the set of recipient keys associated with client devices that are used by the specified recipient to access a verified member account of a social messaging system;
generating a common key for each recipient key of the set of recipient keys, each common key computed between a recipient key and a public key of a sender of the encrypted message or a client device associated with the sender of the encrypted message, to generate a set of common keys;
exchanging, with the specified recipient, a one-time nonce at specified time intervals wherein the one-time nonce is valid during a specified time period and replaces a previous one-time nonce that has a time period that has expired;
generating a symmetric key for each common key of the set of common keys by applying a key derivation function to a respective common key of the set of common keys using the one-time nonce, to generate a set of symmetric keys;
encrypting the encryption key for each symmetric key of the set of symmetric keys to generate a set of encrypted keys;
transmitting, to each client device of the client devices that is associated with each recipient key used to encrypt the encrypted key, the encrypted message, [[and]] an encrypted key of the set of encrypted keys that is associated with the recipient key for that client device that was used to encrypt the encrypted key, and the first portion of the message content, the first portion of the message content being transmitted unencrypted; and
receiving an acknowledgement indicating a termination status of the encrypted message.

10.	(Previously Presented) The system of claim 9, wherein the set of recipient keys are a set of public keys associated with the specified recipient and the one or more client devices that are used to log into a message account of the specified recipient.

11. (Previously Presented) The system of claim 9, wherein the encryption key is a key pair including a private key and a public key, the method further comprising:
generating the encrypted message using the private key;
encrypting the public key using the set of recipient keys to generate a set of encrypted public keys; and
transmitting the encrypted message and one of the set of encrypted public keys to the one or more client devices.

12. (Previously Presented) The system of claim 9, wherein the acknowledgement is received from a key database, the acknowledgement indicating a new recipient key for the specified recipient, the method further comprising:
receiving, from the key database storing the plurality of member keys, the new recipient key associated with the specified recipient;
encrypting the encryption key using the new recipient key to generate a new encrypted key; and
transmitting the encrypted message and the new encrypted key to one of the one or more client devices associated with the new recipient key.

13. (Previously Presented) The system of claim 9, further comprising:
selecting a plurality of recipient keys including a plurality of sets of recipient keys associated with a plurality of specified recipients, wherein the plurality of sets of recipient keys comprises the set of recipient keys and the plurality of specified recipients comprises the specified recipient;
encrypting the encryption key using the plurality of recipient keys to generate a plurality of encrypted keys;
transmitting to the plurality of specified recipients the plurality of encrypted keys and the encrypted message; and
receiving a plurality of acknowledgements indicating a termination status of the encrypted message for the plurality of specified recipients.

14.	(Canceled)	

15.	(Currently Amended) A non-transitory processor-readable storage medium storing processor executable instructions that, when executed by a processor of a machine, cause the machine to perform operations comprising:	of a message with an encryption key,  by performing operations comprising:
identifying a first portion of the message content designated for one or more servers;
identifying a second portion of the message content designated for a specified recipient; and
encrypting the second portion of the message content with the encryption key to generate an encrypted message;
selecting a set of recipient keys from a plurality of member keys, the set of recipient keys associated with client devices that are used by the specified recipient to access a verified member account of a social messaging system;
generating a common key for each recipient key of the set of recipient keys, each common key computed between a recipient key and a public key of a sender of the encrypted message or a client device associated with the sender of the encrypted message, to generate a set of common keys;
exchanging, with the specified recipient, a one-time nonce at specified time intervals wherein the one-time nonce is valid during a specified time period and replaces a previous one-time nonce that has a time period that has expired;
generating a symmetric key for each common key of the set of common keys by applying a key derivation function to a respective common key of the set of common keys using the one-time nonce, to generate a set of symmetric keys;
encrypting the encryption key for each symmetric key of the set of symmetric keys to generate a set of encrypted keys;
transmitting, to each client device of the client devices that is associated with each recipient key used to encrypt the encrypted key, the encrypted message, [[and]] an encrypted key of the set of encrypted keys that is associated with the recipient key for that client device that was used to encrypt the encrypted key, and the first portion of the message content, the first portion of the message content being transmitted unencrypted; and
receiving an acknowledgement indicating a termination status of the encrypted message.

16.	(Previously Presented) The non-transitory processor-readable storage medium of claim 15, wherein the set of recipient keys are a set of public keys associated with the specified recipient and the one or more client devices that are used to log into a message account of the specified recipient.

17. (Previously Presented) The non-transitory processor-readable storage medium of claim 15, wherein the encryption key is a key pair including a private key and a public key, the method further comprising:
generating the encrypted message using the private key;
encrypting the public key using the set of recipient keys to generate a set of encrypted public keys; and
transmitting the encrypted message and one of the set of encrypted public keys to the one or more client devices.

18. (Previously Presented) The non-transitory processor-readable storage medium of claim 15, wherein the acknowledgement is received from a key database, the acknowledgement indicating a new recipient key for the specified recipient, the method further comprising:
receiving, from the key database storing the plurality of member keys, the new recipient key associated with the specified recipient;
encrypting the encryption key using the new recipient key to generate a new encrypted key; and
transmitting the encrypted message and the new encrypted key to one of the one or more client devices associated with the new recipient key.

19. (Previously Presented) The non-transitory processor-readable storage medium of claim 15, further comprising:
selecting a plurality of recipient keys including a plurality of sets of recipient keys associated with a plurality of specified recipients, wherein the plurality of sets of recipient keys comprises the set of recipient keys and the plurality of specified recipients comprises the specified recipient;
encrypting the encryption key using the plurality of recipient keys to generate a plurality of encrypted keys;
transmitting to the plurality of specified recipients the plurality of encrypted keys and the encrypted message; and
receiving a plurality of acknowledgements indicating a termination status of the encrypted message for the plurality of specified recipients.

20.	(Canceled) 

21.	(Previously Presented) The method of claim 1, wherein the encrypted messages is further designated for a second specified recipient and a recipient key associated with the second specified recipient has a value indicating that the second specified recipient is a fake recipient instead of an encryption key.


Allowable Subject Matter 
Claims 1, 2, 4-6, 8-13, 15-19 and 21 are allowed.
The following is an Examiner’s Statement of Reasons for Allowance: 
Regarding independent claims 1, 9 and 15, the closest prior art made of record are:
The previously cited reference Leavy (US 2019/0020632) teaches (see the Office Action (“OA”) dated 12/20/2021, pages 5-9) A method, comprising: 
encrypting, by one or more processors, message content of a message with an encryption key, by performing operations comprising: 
selecting a set of recipient keys from a plurality of member keys, the set of recipient keys associated with client devices that are used by the specified recipient to access a verified member account of a social messaging system; 
generating a common key for each recipient key of the set of recipient keys, each common key computed between a recipient key and a public key of a sender of the encrypted message or a client device associated with the sender of the encrypted message, to generate a set of common keys; 
generating a symmetric key for each common key of the set of common keys by applying a key derivation function to a respective common key of the set of common keys 
encrypting the encryption key for each symmetric key of the set of symmetric keys to generate a set of encrypted keys; 
transmitting, to each client device of the client devices that is associated with each recipient key used to encrypt the encrypted key, the encrypted message, an encrypted key of the set of encrypted keys that is associated with the recipient key for that client device that was used to encrypt the encrypted key (see [0066] and Fig. 5B: “After the random communication encryption key has been encrypted with the KEK derived for each receiving device, process 500 proceeds to block 550, where the first device's secure communication application creates a serialized packet that includes the encrypted communication, the ephemeral public key that the first device's secure communication application generated in block 530, the one or more unique identifiers for the receiver's public key received from secure communication platform, and the one or more encrypted communication encryption keys. In block 555, the first device's secure communication application transmits the serialized packet to the secure communication platform for distribution to the one or more receiving devices. In this way, the secure communication platform receives a single packet and distributes the single packet to the one or more receiving devices”).

Yadav (US 2016/0080502) teaches exchanging, with the specified recipient, a one-time nonce at specified time intervals wherein the one-time nonce is valid during a specified time period and replaces a previous one-time nonce that has a time period that has expired (see [0143]: “In accordance with an exemplary and non-limiting embodiment, a method comprises receiving at a first channel end point a shared secret, generating a plurality of nonce values, exchanging the nonce values with a second channel end point, generating a plurality of session keys and refreshing the plurality of session keys at a predetermined time interval using the shared secret”. And see [0728]: “In accordance with exemplary and non-limiting embodiments, there is provided a method to replace traditional key exchange for Internet Protocol Security (IPSEC) data encryption by using a multi-tenant controller 122 to create multiple time-limited shared secrets, where the multi-tenant controller 122 generates the shared secrets for each IPSEC encrypted channel and sends them over a bi-directional certificate authenticated channel to the two IPSEC data channel end points. The end points then use the shared secret and nonces to derive session keys. The shared secret and session key may be refreshed at an interval specified by a policy”. And see [0749]-[0754]: “A method comprising: receiving at a first channel end point a shared secret; generating a plurality of nonce values; exchanging the nonce values with a second channel end point; generating a plurality of session keys; and refreshing the plurality of session keys at a predetermined time interval using the shared secret”);
generating a symmetric key for each common key… by applying a key derivation function to a respective common key… using the one-time nonce, to generate a set of symmetric keys (see [0143]: “The end points then use the shared secret and nonces to derive session keys”.)

The previously cited reference Fukuda (US 2015/0222432) teaches (see the Office Action (“OA”) dated 12/20/2021, page 11) a sender of an encrypted message receiving an acknowledgement indicating a termination status of the encrypted message.

The previously cited reference Lin (US 2016/0226808) teaches (see the Office Action (“OA”) dated 12/20/2021, pages 20-21) identifying a first portion of the message content designated for one or more servers; 
identifying a second portion of the message content designated for a specified recipient; 
encrypting the second portion of the message content with the encryption key to generate an encrypted message; and 
transmitting the encrypted message, and the first portion of the message content, the first portion of the message content being transmitted unencrypted. 

Independent claims 1, 9 and 15 are allowable for the following reason: before the effective filing date of the claimed invention, it would not have been obvious to a person of ordinary skill in the art 
first to improve the communication method of Leavy by adding the step of exchanging, with the specified recipient, a one-time nonce at specified time intervals wherein the one-time nonce is valid during a specified time period and replaces a previous one-time nonce that has a time period that has expired taught by Yadav and using the one-time nonce when generating a symmetric key for each common key by applying a key derivation function to a respective common key and the one-time nonce to generate a set of symmetric keys, as taught by Yadav,
second to improve the communication method of Leavy modified in view of Yadav by adding the step of receiving an acknowledgement indicating a termination status of the encrypted message taught by Fukuda, and
finally to improve the method of Leavy modified in view of Yadav and Fukuda by adding the steps of identifying a first portion of the message content designated for one or more servers; identifying a second portion of the message content designated for the specified recipient; encrypting the second portion of the message content with the encryption key to generate the encrypted message; and transmitting the encrypted message, and the first portion of the message content, the first portion of the message content being transmitted unencrypted, as taught by Lin.
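An added sketch (not from the application, the cited references, or this Office action) of the key-wrapping steps recited in claim 1 together with the time-limited nonce discussed above: one common key per recipient device, a key derivation function salted with the current nonce, and one wrapped content key per device. X25519, HKDF-SHA256, the HMAC-based wrap standing in for an AEAD, and every name below are assumptions, since the claims name no algorithms.

```python
import hashlib, hmac, os

P, A24 = 2**255 - 19, 121665
BASE = (9).to_bytes(32, "little")            # X25519 base point u = 9

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def x25519(k, u):
    """RFC 7748 scalar multiplication (readable, not constant-time)."""
    s = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)  # clamp
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (s >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def hkdf(ikm, salt, info, length=64):
    """RFC 5869 HKDF-SHA256; the exchanged nonce is used as the salt."""
    prk, okm, block, i = _mac(salt, ikm), b"", b"", 1
    while len(okm) < length:
        block = _mac(prk, block + info + bytes([i]))
        okm, i = okm + block, i + 1
    return okm[:length]

def derive_wrap_key(priv, peer_pub, dev_id, nonce):
    common = x25519(priv, peer_pub)          # the claim's "common key"
    if common == bytes(32):                  # low-order peer key: reject
        raise ValueError("degenerate shared secret")
    return hkdf(common, nonce, b"cek-wrap|" + dev_id.encode())

def wrap(sym, cek):
    """Encrypt-then-MAC stand-in for an AEAD key wrap (assumption: stdlib only)."""
    if len(cek) != 32:
        raise ValueError("content key must be 32 bytes")
    iv = os.urandom(16)                      # fresh per wrap: no keystream reuse
    ct = bytes(x ^ y for x, y in zip(cek, _mac(sym[:32], iv)))
    return iv + ct + _mac(sym[32:], iv + ct)

def unwrap(sym, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(sym[32:], iv + ct)):
        return None                          # wrong device key or stale nonce
    return bytes(x ^ y for x, y in zip(ct, _mac(sym[:32], iv)))

class RotatingNonce:
    """Nonce agreed for one validity window; how it is exchanged is out of scope."""
    def __init__(self, period):
        self.period, self.value, self.expires = period, b"", 0.0
    def current(self, now):
        if now >= self.expires:              # expired: replace, never extend
            self.value, self.expires = os.urandom(16), now + self.period
        return self.value

def wrap_for_devices(sender_priv, device_pubs, cek, nonce):
    """One wrapped copy of the content key per recipient device key."""
    return {d: wrap(derive_wrap_key(sender_priv, pub, d, nonce), cek)
            for d, pub in device_pubs.items()}
```

A device recovers the content key with `unwrap(derive_wrap_key(device_priv, sender_pub, dev_id, nonce), blob)`. With a nonce from a later window, or another device's blob, `unwrap` returns `None`, which is what confines a wrapped key to one device and one validity period.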

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHIMEI ZHU whose telephone number is (571)270-7990. The examiner can normally be reached 10am-6pm Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ZHIMEI ZHU/Examiner, Art Unit 2495
/JEFFERY L WILLIAMS/Primary Examiner, Art Unit 2495