Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
The present application is being examined under the pre-AIA  first to invent
provisions.
This office action is in response to the documents filed on 02/16/2022.
Claim 1 has been amended. Claims 2, 4, 5, 11, and 12 were previously canceled. Claim 14 is new. Claims 1, 3, 6 – 10, 13, and 14 are pending for consideration. 

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 02/16/2022 has been entered.

Response to Arguments
Applicant's arguments filed on 02/16/2022 have been fully considered but they are moot in view of new ground of rejection. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 3, 6 – 10, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Matsumoto (US 2019/0088350) (hereafter Matsumoto) and in view of Greve et al.  (US 11200312) (hereafter Greve).


Regarding claim 1 Matsumoto teaches: A semiconductor device comprising: a controller that 1) generates a cryptographic request with request information including an address of target data (Matsumoto in Para [0028] discloses “the main controller 120 includes a main CPU 101, a memory control unit 102, a flash memory 103, a DRAM 104, a LAN-IF control unit 105, and a Reader-IF unit 108”, Matsumoto in Para [0028] discloses “the procedure moves to step S807, where the BCPU 310 transitions to the Config state, that is, the state in which it can accept an authentication request from the SATA host control unit 111”);
[and 2) includes a master processor and a checker processor that execute a same process as one another in a lock step, 
a result of the checker processor being compared with a result of the master processor; a memory; a secure memory that stores a key used for encryption or decryption;] 
[a secure processor that generates a cryptographic instruction with setting information including an address extracted from the request information in response to the cryptographic request from the controller; 
a cryptographic unit including a master cryptographic processor and a checker cryptographic processor that perform a same cryptographic process as one another, using the key, on data stored in the extracted address of the memory based on the setting information,] 
a processing result of the checker cryptographic processor being compared with a processing result of the master cryptographic processor (Matsumoto in Para [0090] discloses “the HCPU 301 calculates the hash value of the secret information acquired from the SATA bridge control unit 112, and compares the acquired message authentication code with a decrypted value, to check the genuineness”); a first bus coupled to the controller, the memory, the cryptographic unit, and the secure processor; and a second bus coupled to the secure memory, the cryptographic unit, and the secure processor (Examiner note: first bus is met by the B bus 17; second bus is met by both buses, the B-Host1-IF 207 and the B-Host2-IF 208) (Matsumoto in Para [0048] discloses “The B bus 317 includes a bus controller, and is expressed as a collection of a control bus, a data bus, and a local bus between arbitrary blocks, for descriptive purposes” Matsumoto in Para [0048] discloses “the SATA-IP (Host) 202 of the SATA host control unit 111 and the SATA-IP (Device) 203 of the SATA bridge control unit 112 are connected to each other via the H-Host-IF 206. Furthermore, the SATA-IPs (Hostl/2) 204 and 205 are respectively connected to the HDD/SSD 113 and the HDD/SSD 114 via the B-Host1-IF 207 and the B-Host2-IF 208.”), wherein the controller communicates with the memory via a predetermined error detection mechanism (Examiner note: error detection mechanism is met by the self-test using an EDC (error-detecting code)) (Matsumoto in Para [0055] discloses “Secret information stored in the secret information area 403 is verified as to whether or not there is a failure, in an internal self-test conducted during a normal operation using an EDC (error-detecting code).”), wherein each of the master cryptographic processor and the checker cryptographic processor includes a data transfer unit that performs a data transfer with the memory via the error detection mechanism (Matsumoto in Para [0044] discloses “The DMAC (Direct Memory Access Controller) 307 performs, upon the start-up, data transfer between predetermined memories, in which beginning addresses and sizes of a transfer source and a transfer destination are set in a predetermined resistor by the HCPU 301” Matsumoto in Para [0077] discloses “In step S711, the HCPU 301 executes error processing.”), and wherein the controller detects a failure of the secure processor by comparing the request information with the setting information (Matsumoto in Para [0084] discloses “Moreover, in step S811, the BCPU 310 determines whether or not the failure was caused by a (condition) self-test error.”).
Matsumoto fails to explicitly teach: and 2) includes a master processor and a checker processor that execute a same process as one another in a lock step, 
a result of the checker processor being compared with a result of the master processor; a memory; a secure memory that stores a key used for encryption or decryption;
a secure processor that generates a cryptographic instruction with setting information including an address extracted from the request information in response to the cryptographic request from the controller; 
a cryptographic unit including a master cryptographic processor and a checker cryptographic processor that perform a same cryptographic process as one another, using the key, on data stored in the extracted address of the memory based on the setting information,
Greve from the analogous technical field teaches: and 2) includes a master processor and a checker processor that execute a same process as one another in a lock step, 
(Examiner note: the master/checker processors configuration and disclosed functions are met by the concept of Dual Core Lock Step system, see p.14, ll. 6-13; master and checker processors are met by the first and second processors of Greve, respectively) (Greve, in col. 1, ll. 31-35, discloses “The dual lock step processor system includes a first processor, a second processor, and an exploit monitor. The first processor is operably connected to a first memory. The first memory includes a plurality of first address locations” Greve, in col. 1, ll. 46-51, discloses “The second processor is configured to receive, from the second memory, a second instruction to store the first program value; encode the first program value using a second differential encoding to generate a second encoded program value;”) a result of the checker processor being compared with a result of the master processor; a memory; a secure memory that stores a key used for encryption or decryption (Greve, in col. 2, ll. 1-7, discloses “The exploit monitor is operably connected to the first processor and the second processor. The exploit monitor is configured to compare the first decoded stored value to the second decoded stored value; and signal an issue responsive to the first decoded stored value being different from the second decoded stored value.”); a secure processor that generates a cryptographic instruction with setting information including an address extracted from the request information in response to the cryptographic request from the controller (Greve, in col. 2, ll. 9-16, discloses “The method includes receiving an input associated with a first program value; receiving a first instruction to store the first program value; encoding the first program value using a first differential encoding to generate a first encoded program value on a first processer; writing the first encoded program value into a first selected address location,”) a cryptographic unit including a master cryptographic processor and a checker cryptographic processor that perform a same cryptographic process as one another, (Greve, in col. 7, ll. 17-19, discloses “The first processor 202 and second processor 204 are separate processors that run-in lock step (e.g., at the same clock tick) and execute identical code.” Greve, in col. 7, ll. 25-29, discloses “Thus, any code that is inserted or passed through to the dual lock step processor system 200 as the input 201 is executed on the first processor 202 and the second processor 204 in parallel and at the same time.”) using the key, on data stored in the extracted address of the memory based on the setting information (Greve, in col. 8, ll. 18-21, discloses “The first processor 202 and the second processor 204 include a compiler system 208 that is configured to execute encode and decode operations on each respective stack of the first memory 212 and the second memory 214”).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Matsumoto, in view of the teaching of Greve which discloses operation of the two processors configured as a lock step system, i.e. dual core lock step system in order to improve security of the data processing in the system (Greve, col. 1, ll. 31-35, col. 1, ll. 46-51, col. 2, ll. 1-7, col. 2, ll. 9-16, col. 7, ll. 17-19, col. 7, ll. 25-29, col. 8, ll. 18-21)

Regarding claim 3 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 1, wherein the master cryptographic processor stores the processing result of the master cryptographic processor in the memory using the data transfer unit, and the checker cryptographic processor discards the processing result of the checker cryptographic processor (Examiner note: as noted above, a cryptographic unit is met by the bridge control unit 112; SATA stands for Serial Advanced Technology Attachment; checker and master processors are met by the host CPU, HCPU 301, and by the main CPU 101, respectively) (Matsumoto in Para [0032] discloses “The SATA bridge control unit 112 has additional functions for RAID control, data encryption, and the like.” Matsumoto in Para [0124] discloses “The computer may comprise one or more processors (e.g., central processing unit (CPU), micro processing unit (MPU)) and may include a network of separate computers or separate processors to read out and execute the computer executable instructions” Matsumoto in Para [0043] discloses “The SRAM 304 is used as a work area for the HCPU 301, a storage area for various types of control tables and parameters, a data buffer, and the like.” Matsumoto in Para [0101] discloses “the HCPU 301 issues an Erase-Secret-Info command 513 in FIG. 5B, so that the authentication ID and the secret information stored in the secret information area 403 installed in the SATA bridge control unit (sub ASIC) 112 are discarded.” Matsumoto in Para [0028] discloses “the main controller 120 includes a main CPU 101, a memory control unit 102, a flash memory 103, a DRAM 104, a LAN-IF control unit 105, and a Reader-IF unit 108”).

Regarding claim 6 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 1, wherein each of the master cryptographic processor and the checker cryptographic processor performs (Examiner note: as noted above, checker and master processors are met by the host CPU, HCPU 301, and by the main CPU 101, respectively) (Matsumoto in Para [0074] discloses “where the HCPU 301 checks the internal state of the SATA bridge control unit 112, and transitions to the state 5” Matsumoto in Para [0042] discloses “The HCPU 301 performs, as a SATA controller, overall control such as SATA command issuing processing, transmitted/received data forwarding processing, and status receiving processing.” Matsumoto in Para [0121] discloses “the HCPU 301 compares the read value with the magic number stored in advance to determine whether or not the HDD (or SSD) is paired with the correct encryption key” Matsumoto in Para [0077] discloses “the HCPU 301 notifies the main CPU 101 of the fact that the start-up processing of the SATA system is complete and it is accessible, and starts a normal operation”) as the cryptographic process, encryption for the data and generation of a message authenticating code using the key when the data is data to be transmitted to another semiconductor device  (Matsumoto in Para [0054] discloses “The genuineness of a program stored in the program area 401 is verified by calculating the hash value of the program, and decrypting an appended digital signature, which is encrypted using a secret key of the vendor, using a public key of the verifier.”).

Regarding claim 7 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 1, wherein each of the master cryptographic processor and the checker cryptographic processor decrypts the data (Examiner note: as noted above, checker and master processors are met by the host CPU, HCPU 301, and by the main CPU 101, respectively) (Matsumoto in Para [0074] discloses “where the HCPU 301 checks the internal state of the SATA bridge control unit 112, and transitions to the state 5” Matsumoto in Para [0042] discloses “The HCPU 301 performs, as a SATA controller, overall control such as SATA command issuing processing, transmitted/received data forwarding processing, and status receiving processing.” Matsumoto in Para [0121] discloses “the HCPU 301 compares the read value with the magic number stored in advance to determine whether or not the HDD (or SSD) is paired with the correct encryption key” Matsumoto in Para [0077] discloses “the HCPU 301 notifies the main CPU 101 of the fact that the start-up processing of the SATA system is complete and it is accessible, and starts a normal operation”) and generates a first message authenticating code as the cryptographic process when the data is received data from another semiconductor device (Matsumoto in Para [0066] discloses “At this time of the state 7, data can be written into and read out from the HDD (or SSD), data to be stored in the HDD (or SSD) is encrypted, and data to be read out is decrypted. Furthermore, only the person authorized to reach the state 7 transitions to a state 11: Secret Information Output state 610 via the state 6: Authentication state 608, so that it is possible to output the secret information area 403.” Matsumoto in Para [0090] discloses “the HCPU 301 calculates the hash value of the secret information acquired from the SATA bridge control unit 112, and compares the acquired message authentication code with a decrypted value, to check the genuineness.”).

Regarding claim 8 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 7, wherein the received data includes encrypted data using the key and a second message authentication code generated by the other semiconductor device (Matsumoto in Para [0055] discloses “the hash value of the secret information is calculated, and the genuineness is verified with a message authentication code encoded using a common key of the vendor”), 3 DM_US 182087651-1.067237.1601Application No. 16/573,407Docket No.: 067237-1601 wherein at least the master cryptographic processor stores the decrypted data and the first message authentication code in the memory using the data transferring unit (Examiner note: storage management by master processor is met by the operation of memory control unit 102 that together with the main CPU 101 belong to the main controller 120 )(Matsumoto in Para [0028] discloses “the main controller 120 includes a main CPU 101, a memory control unit 102, a flash memory 103, a DRAM 104, a LAN-IF control unit 105, and a Reader-IF unit 108” Matsumoto in Para [0066] discloses “At this time of the state 7, data can be written into and read out from the HDD (or SSD), data to be stored in the HDD (or SSD) is encrypted, and data to be read out is decrypted.” Matsumoto in Para [0044] discloses “The DMAC (Direct Memory Access Controller) 307 performs, upon the start-up, data transfer between predetermined memories, in which beginning addresses and sizes of a transfer source and a transfer destination are set in a predetermined resistor by the HCPU 301” Matsumoto in Para [0077] discloses “In step S711, the HCPU 301 executes error processing.”), and wherein the controller compares the first message authentication code and the second message authentication code stored in the memory to detect a failure of the [[first]]master cryptographic processor (Matsumoto in Para [0090] discloses “the HCPU 301 calculates the hash value of the secret information acquired from the SATA bridge control unit 112, and compares the acquired message authentication code with a decrypted value, to check the genuineness.”).

Regarding claim 9 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 7, wherein the received data includes encrypted data using the key and a second message authentication code generated by the other semiconductor device (Matsumoto in Para [0055] discloses “the hash value of the secret information is calculated, and the genuineness is verified with a message authentication code encoded using a common key of the vendor.”), and wherein at least the master cryptographic processor further comprises a comparator that compares the second message authentication code obtained from the memory using the data transfer unit with the first message authentication code (Examiner note: role of comparator is met by the bridge control unit 112 comprising the HCPU 301) (Matsumoto in Para [0090] discloses “the HCPU 301 calculates the hash value of the secret information acquired from the SATA bridge control unit 112, and compares the acquired message authentication code with a decrypted value, to check the genuineness.” Matsumoto in Para [0118] discloses “the HCPU 301 can compare the read value with a magic number stored in advance in, for example, the flash memory (eMMC) 103”).

Regarding claim 10 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 9, wherein the master cryptographic processor stores the decrypted data and the comparison result by the comparator in the memory using the data transferring unit (Matsumoto in Para [0054] discloses “The genuineness of a program stored in the program area 401 is verified by calculating the hash value of the program, and decrypting an appended digital signature, which is encrypted using a secret key of the vendor, using a public key of the verifier.” Matsumoto in Para [0090] discloses “the HCPU 301 calculates the hash value of the secret information acquired from the SATA bridge control unit 112, and compares the acquired message authentication code with a decrypted value, to check the genuineness.”), and the controller discards the decrypted data when the comparison result stored in the memory indicates a mismatch (Matsumoto in Para [0118] discloses “the HCPU 301 can compare the read value with a magic number stored in advance in, for example, the flash memory (eMMC) 103” Matsumoto in Para [0101] discloses “the HCPU 301 issues an Erase-Secret-Info command 513 in FIG. 5B, so that the authentication ID and the secret information stored in the secret information area 403 installed in the SATA bridge control unit (sub ASIC) 112 are discarded.”).

Regarding claim 14 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 1, wherein the first bus and the second bus are independent of each other, and wherein the controller is inaccessible to the second bus (Examiner note: data communication between processors and peripheral units per bus is met by communication per direct independent connections of processors to the specified units) (Greve, in col. 1, ll. 31-35, discloses “The dual lock step processor system includes a first processor, a second processor, and an exploit monitor. The first processor is operably connected to a first memory.” Greve, in col. 1, ll. 46-51, discloses “The second processor is configured to receive, from the second memory, a second instruction to store the first program value;” Greve, in col. 7, ll. 39-44, discloses “Each processor is communicably connected to a separate, independent memory subsystem. The first processor 202 is communicably connected to a first memory 212 and the second processor 204 is communicably connected to a second memory 214”).

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Matsumoto (US 2019/0088350) (hereafter Matsumoto), in view of Greve et al.  (US 11200312) (hereafter Greve), and in view of Bong (US 7885405) (hereafter Bong).

Regarding claim 13 Matsumoto, as modified by Greve, teaches: The semiconductor device according to claim 1, 
[wherein the request information further includes a type of cryptographic algorithm, wherein the setting information further includes the type of cryptographic algorithm extracted from the request information,] 
and wherein the master processor and the checker cryptographic processor perform the same cryptographic process corresponding to the extracted type of cryptographic algorithm (Examiner note: type of the cryptographic algorithm defines a type of the encryption key, i.e., verifying a type of the algorithm is met by verifying a type of the encryption/decryption key) (Matsumoto in Para [0121] discloses “the HCPU 301 compares the read value with the magic number stored in advance to determine whether or not the HDD (or SSD) is paired with the correct encryption key” Matsumoto in Para [0077] discloses “the HCPU 301 notifies the main CPU 101 of the fact that the start-up processing of the SATA system is complete and it is accessible, and starts a normal operation”);
Matsumoto, as modified by Greve, fails to explicitly teach: wherein the request information further includes a type of cryptographic algorithm, wherein the setting information further includes the type of cryptographic algorithm extracted from the request information
Bong from the analogous technical field teaches: wherein the request information further includes a type of cryptographic algorithm (Bong, in Col. 2, ll.58 – 60 discloses “It will be appreciated that data communication systems may employ a wide variety of security or encryption algorithms”), wherein the setting information further includes the type of cryptographic algorithm extracted from the request information (Examiner note: SA stands for a Security Association; request and setting of the cryptographic algorithm type are met by operations of network controller 102 comprising SA interface 142 and SA lookup 146 modules) (Bong, in Col. 13, ll.29 – 32 discloses “The network controller 102 of the present invention takes advantage of security associations (SAs) using the SA memory interface 142, the SA lookup 146, and the SA memory 140”. Bong, in Col. 13, ll.37 – 39 discloses “There are several standard encryption and authentication algorithms, so the SA interface 142 and SA lookup 146 indicates which one is to be used for a particular frame” Bong, in Col. 13, ll.41 – 45 discloses “The SAs are obtained according to an IPsec protocol whereby sufficient information is exchanged with a user or system on the network to decide which algorithms to use and allow both parties to generate the same keys”)
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Matsumoto, as modified by Greve, in view of the teaching of Bong which discloses requests and verification of the cryptographic algorithm type in order to higher security of cryptographic data processing in the system (Bong, Col. 2, ll.58 – 60 , Col. 13, ll.29 – 32, Col. 13, ll.37 – 39, Col. 13, ll.41 – 45).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VLADIMIR IVANOVICH GAVRILENKO whose telephone number is (313)446-6530.  The examiner can normally be reached on Monday-Friday 7:30-4:30 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Vladimir I. Gavrilenko/Examiner, Art Unit 2431 

/TRANG T DOAN/Primary Examiner, Art Unit 2431