Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to Application No. 17/249,273 filed on 02/25/2021.
Claims 1-11 have been examined and are pending in this application.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/25/2021, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement filed 08/18/2021 fails to comply with the provisions of 37 CFR 1.97, 1.98 and MPEP § 609 because T.  It has been placed in the application file, but the information referred to therein has not been considered as to the merits.  Applicant is advised that the date of any re-submission of any item of information contained in this information disclosure statement or the submission of any missing element(s) will be the date of submission for purposes of determining compliance with the requirements based on the time of filing the statement, including all certification requirements for statements under 37 CFR 1.97(e).  See MPEP § 609.05(a).

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 3 and 4 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant, regards as the invention.
Regarding claim 3, claim 3 line 5 introduces the element “a router”. The element “router” was previously introduced in claim 1 line 4; as a result, the recitation in claim 3 lacks proper antecedent basis. Appropriate correction to “router” is required to ensure proper claim interpretation.
Regarding claim 4, claim 4 line 8 introduces the element “a decryption key”. The element “a decryption key” was previously introduced in claim 1 line 13; as a result, the recitation in claim 4 lacks proper antecedent basis. Appropriate correction to “a decryption key” is required to ensure proper claim interpretation.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4-5, and 8-11 are rejected under 35 U.S.C. 103 as being unpatentable over Yuan et al. (US Application 20200280437 A1; hereinafter “Yuan”) in view of Tanizawa (US Application 20150236852 A1; hereinafter “Tanizawa”).
Regarding claim 1, Yuan teaches a communication system comprising: a key management server device (server 130) comprising a first processor (Yuan: para [0043], fig. 2, “illustrates an exemplary environment 200 that facilitates storage encryption and decryption, including exemplary communications, in accordance with an embodiment of the present application. Environment 200 can include security device 120, key-managing device 130, and storage device 140, as in environment 100 of FIG. 1.”); and
a router comprising a memory and a second processor coupled to the memory (Yuan: para [0039], “Environment 100 can also include a server 120, a server 130, and a storage device 140, which may communicate with each other (and computing device 110) via a network 102. Server 120 may be, e.g., a security device 120 with an encryption/decryption system 121”),
generate a decryption key corresponding to the encryption key from the bit string based on the key identification information and the key length, upon receiving the control signal without waiting for a request to generate the decryption key from the router (Yuan: para [0045]-[0046], fig. 2, “Data encryption module 126 can obtain a key from key pool 127 (function 204), and send a synchronization request 206 to key storage module 136. Synchronization request 206 can indicate that key storage module 136 is to obtain a key from key pool 137 which is the same as the key obtained by data encryption module 126. That is, upon receiving synchronization request 206, key storage module 136 can obtain a key from key pool 137 (function 208), where the obtained key is the same as the key obtained by data encryption module 126 from key pool 127 (as in function 204).”, “Key storage module 136 can generate a key label (function 210) for the obtained key,”); and
supply the decryption key to the router (Yuan: para [0046]-[0048], “send both the obtained key and the generated key label to key database 134 (function 212).”, “Key provision module 132 can send the retrieved key 228 to data decryption module 122, which can decrypt the data based on the retrieved key (function 230) and transmit the decrypted data (packet 232) back to, e.g., a requesting application.”), and
the second processor (security device 120) being configured to: receive a packet encrypted with the encryption key (Yuan: para [0042], [0045], [0048], fig. 1, 2, “This may trigger storage device 140 to send a packet 156 to security device 120, where packet 156 can indicate the encrypted data and the corresponding key label (similar to packet 154).”);
and decrypt the packet by using the decryption key supplied from the key management server device without requesting the key management server device to generate the decryption key (Yuan: para [0042], [0045], [0048], fig. 2, “Security device 120 can receive a request to decrypt data based on received packet 156, obtain a key based on the key label included in packet 156, decrypt the data using the obtained key, and send a packet 158 back to the interfacing application or function, e.g., computing device 110 associated with user 112, wherein packet 158 can indicate the decrypted data.”).
Yuan does not explicitly teach the first processor being configured to: share a bit string by quantum key distribution; receive a control signal including key identification information and a key length, the key identification information identifying an encryption key generated from the bit string, and the key length indicating a length of the encryption key.
However, in an analogous art, Tanizawa teaches the first processor being configured to (Tanizawa: para [0034], “The QKD transmitter 1 includes a quantum key sharing unit 10, an EC processor 11 (an error correcting unit), a PA processor 12 (a compressor), a classical communication unit 13, a key management unit 14, a key provider 15, a storage 16, and a controller 17.”):
share a bit string (photon bit string) by quantum key distribution (Tanizawa: [0050]-[0052], FIG. 4 5, “For example, the quantum key sharing unit 10 of the QKD transmitter 1 sends, to the quantum key sharing unit 20 of the QKD receiver 2 via the quantum communication channel, a photon bit string made of single photons having a state based on base information that is generated in a random manner as against a bit string generated using random numbers. Thus, the quantum key sharing unit 20 receives the photon bit string from the quantum key sharing unit 10 via the classical communication channel, and reads the photon bit string based on the base information generated in a random manner.”);
receive a control signal (control data (PA information)) including key identification information (random numbers) and a key length (length information), the key identification information identifying an encryption key generated from the bit string, and the key length indicating a length of the encryption key (Tanizawa: [0035]-[0038], [0066], [0119], fig. 4, “The PA processor 12 receives control data (PA information) from a PA processor 22 (described later) via the classical communication channel”, “The PA processor 22 of the QKD receiver 2 sends PA information (such as random numbers and length information of the encryption key) to the PA processor 12 of the QKD transmitter 1 via the classical communication channel. Thus, the PA processor 12 receives the PA information from the PA processor 22 via the classical communication channel.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Tanizawa into the method of Yuan to include the first processor being configured to: share a bit string by quantum key distribution; receive a control signal including key identification information and a key length, the key identification information identifying an encryption key generated from the bit string, and the key length indicating a length of the encryption key, because it will improve the system by having a proportional increase in the encryption strength and communicable time of the cryptographic communication (Tanizawa: para [0004-0005]).
Regarding claim 4, Yuan in view of Tanizawa teaches the independent claim 1. Yuan additionally teaches wherein the second processor is further configured to: store a plurality of the decryption keys in the memory in an order that the decryption keys are generated by the first processor (Yuan: para [0035] “Upon generating the same random key sequence, the first and second entities may each store the key sequences in a respective key pool. Exemplary quantum key distribution protocols include the BB84, B91, and B92 protocols, as well as other protocols which have been proposed to improve the code rate, such as continuous variable QKD, DSP-QKP, and SARG.”); and 
read a specified decryption key, input the specified decryption key to decryption processing, and delete a decryption key stored in the memory before the specified decryption key is stored (Yuan: para [0037][0051], “The term “key label” refers to an identifier or identifying information used to distinguish between different keys. The key label may be in the form of, e.g., numerical values or character strings.”, “Upon updating the key, the system may also delete both the key most recently used for an encryption operation, and the corresponding key label. This reduces the amount of storage space required, and also decreases the risk of key exposure by allowing the key-managing device to maintain centralized management.”).
Regarding claim 5, Yuan in view of Tanizawa teaches the dependent claim 4. Yuan additionally teaches wherein in decrypting the packet, the second processor is configured to wait for a predetermined time and request the memory to read the decryption key when the decryption key for decrypting the packet has not been supplied from the key management server device (Yuan: para [0041],[0049] “environment 200 depicts a system which facilitates secure encryption and decryption of data on a remote device (e.g., a storage device) by updating a key based on a dynamic key refreshment protocol, storing a key label for the updated key, and applying a quantum key distribution protocol to ensure the synchronization and security of key distribution. The system allows a new key to be selected (e.g., updating a key) on a periodic basis (e.g., based on a predetermined time interval) or on a continuous basis (e.g., based on receiving a request to encrypt data, that is, a “one key one storage” method)”).
Regarding claim 8, claim 8 is rejected under the same rationale as claim 1.
Regarding claim 9, claim 9 is rejected under the same rationale as claim 1.
Regarding claim 10, claim 10 is rejected under the same rationale as claim 1.
Regarding claim 11, claim 11 is rejected under the same rationale as claim 1.

Claims 2-3 are rejected under 35 U.S.C. 103 as being unpatentable over Yuan et al. (US Application 20200280437 A1; hereinafter “Yuan”) in view of Tanizawa (US Application 20150236852 A1; hereinafter “Tanizawa”), and further in view of Fu (US Application 2018/0109372; hereinafter “Fu”).
Regarding claim 2, Yuan in view of Tanizawa teaches the independent claim 1.
Yuan in view of Tanizawa does not explicitly teach wherein the control signal further includes offset information indicating where to extract the decryption key from the bit string, and the first processor is configured to generate the decryption key based on the offset information.
However, in an analogous art, Fu teaches wherein the control signal further includes offset information indicating where to extract the decryption key from the bit string, and the first processor is configured to generate the decryption key based on the offset information (Fu: para [0080], “subsequent to entities receiving equipment private keys and trusted certificates, entities may start to establish secure communication channels among themselves. In some embodiments, two entities can produce one or more shared quantum data keys using a trusted-computing based QKD scheme. One can assume that two communicating entities have previously negotiated a shared secret quantum string. Each entity can store the shared secret quantum string in its TPM.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Fu into the modified method of Yuan to include wherein the control signal further includes offset information indicating where to extract the decryption key from the bit string, and the first processor is configured to generate the decryption key based on the offset information, because it will enhance the data security in the computing environment (Fu: para [0037]).
Regarding claim 3, Yuan in view of Tanizawa teaches the independent claim 1.
Yuan in view of Tanizawa does not explicitly teach wherein the communication system comprises a plurality of the routers, the control signal further includes router identification information identifying a router to be supplied with the decryption key among the plurality of routers, and the first processor is configured to supply the decryption key to the router identified by the router identification information.
However, in an analogous art, Fu teaches wherein the communication system comprises a plurality of the routers, the control signal further includes router identification information identifying a router to be supplied with the decryption key among the plurality of routers, and the first processor is configured to supply the decryption key to the router identified by the router identification information (Fu: para [0063], [0069], [0073], “In some embodiments, the trusted authorization center can include a plurality of trusted control nodes (e.g., nodes 206 and 208 shown in FIG. 2) that are coupled to each other. These control nodes collectively share and perform the authorization duty”, “The quantum key distribution device can also transmit the route information of each selected route through the conventional channel to the other quantum key distribution device, and the other quantum key distribution device uses the route information to transmit the quantum information. The identification information of the key distribution device is verified.”, “If there are n trusted control nodes within the trusted authorization center, the system private key can be divided into n shares, each share being noted as S, (i=1, 2, . . . , n). The n shares of the system private key can then be sent to the n trusted control nodes, one share per node (operation 408)”, “each trusted control node may generate a subkey (or equipment subkey) for the requesting entity (operation 506). More specifically, the subkey can be generated based on the identity and TPM information of the requesting entity. The TPM information can include the unique identifier of the TPM and the PCR values”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Fu into the modified method of Yuan to include wherein the communication system comprises a plurality of the routers, the control signal further includes router identification information identifying a router to be supplied with the decryption key among the plurality of routers, and the first processor is configured to supply the decryption key to the router identified by the router identification information, because it will enhance the data security in the computing environment (Fu: para [0037]).
Claims 6 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Yuan et al. (US Application 20200280437 A1; hereinafter “Yuan”) in view of Tanizawa (US Application 20150236852 A1; hereinafter “Tanizawa”), and further in view of Cao et al. (CN Application 110011791; hereinafter “Cao”).
Regarding claim 6, Yuan in view of Tanizawa teaches the dependent claim 5.
Yuan in view of Tanizawa does not explicitly teach wherein the second processor is configured to discard the packet without decrypting the packet when the decryption key is not able to be acquired even after a predetermined number of requests for the memory to read the decryption key.
However, in an analogous art, Cao teaches wherein the second processor is configured to discard the packet without decrypting the packet when the decryption key is not able to be acquired even after a predetermined number of requests for the memory to read the decryption key (Cao: “signature verification failed. signature verification failed. or already exceeds the allowable time period, random4 or random5 then discarding the data packet in the allowed time period appeared satisfies any one of the conditions and sending refusal to UE1 communication data packet and cut off the connection, otherwise the UE2 selects a random number b, calculating gb and (ga) bmod p, UE2 sends D2D to UE1 parameter response data packet, the data”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Cao into the modified method of Yuan to include wherein the second processor is configured to discard the packet without decrypting the packet when the decryption key is not able to be acquired even after a predetermined number of requests for the memory to read the decryption key, because it can reduce the service pressure, save processing resources, simplify user operation and accelerate the circulation speed of electronic evidence security (Cao: para [0001]).
Regarding claim 7, Yuan in view of Tanizawa teaches the dependent claim 4.
Yuan in view of Tanizawa does not explicitly teach wherein in decrypting the packet, the second processor is configured to wait for a notification from the memory for a predetermined time when the decryption key for decrypting the packet has not been supplied from the key management server device, and to discard the packet without decrypting the packet when receiving no notification even after passage of the predetermined time.
However, in an analogous art, Cao teaches wherein in decrypting the packet, the second processor is configured to wait for a notification from the memory for a predetermined time when the decryption key for decrypting the packet has not been supplied from the key management server device, and to discard the packet without decrypting the packet when receiving no notification even after passage of the predetermined time (Cao: claim 3, “signature verification failed. or already exceeds the allowable time period, random4 or random5 then discarding the data packet in the allowed time period appeared satisfies any one of the conditions and sending refusal to UE1 communication data packet and cut off the connection, otherwise the UE2 selects a random number b, calculating gb and (ga) bmod p, UE2 sends D2D to UE1 parameter response data packet, the data”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Cao into the modified method of Yuan to include wherein in decrypting the packet, the second processor is configured to wait for a notification from the memory for a predetermined time when the decryption key for decrypting the packet has not been supplied from the key management server device, and to discard the packet without decrypting the packet when receiving no notification even after passage of the predetermined time, because it can reduce the service pressure, save processing resources, simplify user operation and accelerate the circulation speed of electronic evidence security (Cao: para [0001]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/L.L.N./Examiner, Art Unit 2437     
/NELSON S. GIDDINS/Primary Examiner, Art Unit 2437