DETAILED ACTION
This is a non-final office action in response to applicant’s communication filed on 11/30/2020.
Claims 1-19 are pending and being considered.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. KR10-2019-0156132, filed 11/28/2019.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/30/2020 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, initialed and dated copy of Applicant’s IDS form 1449 filed as stated above is attached to the instant Office Action.
Abstract
Applicant is reminded of the proper content of an abstract of the disclosure.
A patent abstract is a concise statement of the technical disclosure of the patent and should include that which is new in the art to which the invention pertains. The abstract should not refer to purported merits or speculative applications of the invention and should not compare the invention with the prior art.
If the patent is of a basic nature, the entire technical disclosure may be new in the art, and the abstract should be directed to the entire disclosure. If the patent is in the nature of an improvement in an old apparatus, process, product, or composition, the abstract should include the technical disclosure of the improvement. The abstract should also mention by way of example any preferred modifications or alternatives. 
Where applicable, the abstract should include the following: (1) if a machine or apparatus, its organization and operation; (2) if an article, its method of making; (3) if a chemical compound, its identity and use; (4) if a mixture, its ingredients; (5) if a process, the steps.
Extensive mechanical and design details of an apparatus should not be included in the abstract. The abstract should be in narrative form and generally limited to a single paragraph within the range of 50 to 150 words in length.
See MPEP § 608.01(b) for guidelines for the preparation of patent abstracts.
Specification
The disclosure is objected to because of the following informalities: 
Some typos “mange” in para. [45], [53], [86], [90] of the published specification of the instant application.
Equations 3, 4, 6, 7, 10 are illegible.
Last line on page 13, “secret sharing ID may be set to |u (S424, refer to 4C).” The highlighted is not clear. Also see para. [68] line 4.
Line 22 on page 26, “an integrity verification/encryption key () 1231”. () 1231 may read (1231).
Lines 2, 3 on page 30, bus “1200” may read 2200, user interface output device “1500” may read user interface output device 2500, storage “1600” may read storage 2600.
Appropriate correction is required.
Claim Objections
Claims 8-10, 16-17 are objected to because of the following informalities:  
Claim 8 lines 2-3, “… for split processing …” may read “… for the split processing.…”. Similarly, claim 8 line 4.
Claim 8 lines 2-3 recites “the first network device constructs … and generates the interest packet …”. It is not clear “the interest packet” is the same “interest packet” constructed by the client device or not. If it the same interest packet, it appears conflicting that the same interest packet constructed by the client device can also be generated by the first network device. If it is not the same interest packet, applicant is suggested to recite a second interest packet or like.
Claim 9 line 2, “… for split processing …” may read “… for the split processing.…”.
Claim 10 lines 2-3, it appears that “the network device” may read “the first network device” since claim 8 recites the first network device … generates the interest packet. Applicant is suggested to clarify the claim language.
Claim 16 line 2, “… by dividing a secret key, …” may read “… by dividing the secret key, …”.
Claim 16 line 5, “… interpolation coefficients comprising the network device”. The underlined is not clear. It does not make sense the “coefficients comprising the network device”. Applicant is suggested to check the claim language.
Claim 17 line 1, “the method comprising;” should read “the method comprising:”.
Claim 17 lines 10-11 recites “and by performing secret sharing authentication by …”. It appears applicant intends to recite “and the secret sharing authentication by …”.
Claim 17 lines 11-12, “… using the unmasked first secret sharing key shards” may read “… using the unmasked first secret sharing key shard”.
Appropriate correction is required.
Allowable Subject Matter
Claims 6, 9 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims, as well as resolving any informality and issues identified under 35 USC 112 (b).
Claim 6 recites “The system of claim 5, 34wherein the network device extracts an integrity verification and encryption key comprised in the secret sharing authentication token and a first integrity verification code, generates a second integrity verification code by using the integrity verification and encryption key, and verifies the secret sharing authentication token by comparing the first integrity verification code and the second integrity verification code.” 
The identified prior arts, Pourzandi, Uzun, Franklin, Matsumura, either singularly or in combination fails to anticipate or render obvious the claimed limitations recited in claim 6 above.
Claim 9 recites “The system of claim 8, wherein the secret sharing authentication token for split processing comprises a secret sharing ID necessary for authenticating the client device, the first secret sharing key shard, an auxiliary integrity verification and encryption key generated by the first 35network device, and an auxiliary integrity verification code generated by the auxiliary integrity verification and encryption key.” 
The identified prior arts, Pourzandi, Uzun, Machani, Niamut, either singularly or in combination fails to anticipate or render obvious the claimed limitations recited in claim 9 above.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 3-6, 10-14, 16, 19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 3 line 3, line 7, recites the limitation "the secret sharing authentication token".  There is insufficient antecedent basis for this limitation in the claim.
Claim 4 recites “The system of claim 4”. It is not clear which claim that claim 4 depends to, rendering claim 4 indefinite.
Claims 5, 6 depends on claim 4, therefore inherits the deficiency as claim 4.
Claim 5 line 5 recites limitation “the reconstructed secret key”. There is insufficient antecedent basis for this limitation in the claim. Examiner notes claim 5 recites … reconstructs a threshold sharing secret key instead of “secret key”.
Claim 6 recites limitation “the secret sharing authentication token”. There is insufficient antecedent basis for this limitation in the claim. Since claim 6 depends on claim 5 and claim 5 depends on claim 4 while it is not clear whether claim 4 depends on claim 1, or 2, or 3. 
Claim 10 lines 4-5 recites “the processed calculation result”. There is insufficient antecedent basis for this limitation in the claim. 
Similarly claim 11 line 2, “calculation result”. 
Claim 12 line 5, 6, 7 recites “the secret sharing key shard”. There is insufficient antecedent basis for this limitation in the claim. It is not clear “the secret sharing key shard” is the first secret sharing key shard, or the second secret sharing key shard, or the secret sharing key shards. 
Claim 13 (and claim 14) line 6, 8, 9 “the secret sharing key shard” has same concern.
Claim 16 lines 2-3 recites limitation “the initial setting parameter”. There is insufficient antecedent basis for this limitation in the claim. Applicant may recite “the initial verifier setting parameter” instead.
Claim 19 lines 3-4 recites limitation “the secret sharing authentication token”. There is insufficient antecedent basis for this limitation in the claim.
Double Patenting
Applicant is advised that should claim 13 be found allowable, claim 14 will be objected to under 37 CFR 1.75 as being a substantial duplicate thereof. When two claims in an application are duplicates or else are so close in content that they both cover the same thing, despite a slight difference in wording, it is proper after allowing one claim to object to the other as being a substantial duplicate of the allowed claim. See MPEP § 706.03(k).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi et al (US20210194677A1, hereinafter, "Pourzandi"), in view of Uzun (US20160182475A1, hereinafter, “Uzun”).
Regarding claim 1, Pourzandi teaches:
A system for a secret sharing authentication (Pourzandi, discloses method and system for cryptographic key management with threshold secret sharing, see [Abstract]. And [0041] the disclosure describes encryption using secret sharing based on cyber physical dependencies to secure the secret shares, thereby making secret sharing more secure. Also [0090] Therefore, the instant disclosure advantageously provides a method and system for performing a cryptographic key operation, encrypting a key such as an access key and sharing (hiding) the access key among different authenticated devices 14) comprising: 
a secret sharing information management server (Pourzandi, Fig. 1 Apparatus 12, and [0041] the disclosure describes encryption using secret sharing based on cyber physical dependencies to secure the secret shares, thereby making secret sharing more secure) configured to store and manage a secret key capable of being used for secret sharing authentication by dividing the secret key into a first secret sharing key shard and a second secret sharing key shard, and to allocate the first and second secret sharing key shards (Pourzandi, [0048] Apparatus 12 includes memory 20 that is configured to store data, ... Memory 20 is configured to store key distribution code 22 and key reconstruction code 24. For example, key distribution code 22 includes instructions that, … to perform the key distribution process discussed in detail with respect to FIGS. 2 and 3. And refer to Fig. 2, and [0052] FIG. 2 is a flow diagram of an exemplary key distribution process of key distribution code 22. Processing circuitry 26 divides a key into a plurality of portions, i.e., a plurality of portions of the key (Block S100). For example, key K is divided into a plurality of shares (s_i)… processing circuitry 26 divides the key into n shares where n is the number of devices 14 such that s1, s2, . . . , sn shares of the key are generated, and each device 14 receives a respective share of the key. And [0066] Processing circuitry 26 distributes (i.e. allocate) each of the plurality of encrypted portions of the key to a respective device of the plurality of devices for storage and retrieval, i.e., each device 14 of the plurality of devices 14 receives the encrypted portion of the key that was encrypted using pre-encryption contextual data from the respective device 14 (Block S106)); 
a client device configured to receive and manage the first secret sharing key shard allocated from the secret sharing information management server (Pourzandi, [0066] each device 14 of the plurality of devices 14 receives the encrypted portion of the key that was encrypted using pre-encryption contextual data from the respective device 14 (Block S106)) [and to construct an interest packet by using the first secret sharing key shard]; (see Uzun below for the teachings of limitation(s) in bracket)
and a network device configured to receive and manage the second secret sharing key shard allocated from the secret sharing information management server (Pourzandi, [0066] each device 14 of the plurality of devices 14 receives the encrypted portion of the key that was encrypted using pre-encryption contextual data from the respective device 14 (Block S106)), [to process the interest packet received from the client device on the basis of an ICN (Information Centric Networking) method, and to perform secret sharing authentication by using the second secret sharing key shard and the first secret sharing key shard comprised in the interest packet] (see Uzun below for the teachings of limitation(s) in bracket).
While Pourzandi teaches secret key sharing for content-dependent cryptography however does not explicitly teach the following limitations, in the same field of endeavor Uzun teaches:
[a client device configured to receive and manage the first secret sharing key shard allocated from the secret sharing information management server] (limitation in bracket already taught by Pourzandi shown above) and to construct an interest packet by using the first secret sharing key shard (Uzun, discloses authenticated signature production between devices in a CCN, see [Abstract]. And Refer to Fig. 4, and [0052] FIG. 4 presents a flow chart illustrating a method 400 by a content producing device (i.e. client device) for creating content (i.e. interest packet), … The content producing device creates a message authentication code for each content object based on a secret key shared with a content publishing device (operation 406));
and [a network device configured to receive and manage the second secret sharing key shard allocated from the secret sharing information management server] (limitation in bracket already taught by Pourzandi shown above), to process the interest packet received from the client device on the basis of an ICN (Information Centric Networking) method, and to perform secret sharing authentication by using the second secret sharing key shard and the first secret sharing key shard comprised in the interest packet (Uzun, [0042] FIG. 1 illustrates an exemplary computing environment 100 that facilitates delegation of authenticated signature production to a content publishing device (i.e. network device), ... Computing environment 100 can include a content producer 104 and a content publisher 106. Network 102 can be a content-centric network (CCN), a named data network (NDN), or an information-centric network (ICN). And refer to Fig. 5 step 502-504, 510. And [0053] a content publishing device monitors content objects that are created by a content producing device (operation 502). The content publishing device retrieves (i.e. process) the content object based on a name and a content object hash (COH) value for each content object (operation 504). If the content object includes a message authentication code (e.g., an HMAC, as described in relation to FIGS. 2A-2C) (decision 506), the content publishing device authenticates the HMAC for each content object based on a secret key shared with the content producing device (operation 510)). Examiner notes, the recited client device and network device are interpreted as any device in the network (in this case the CCN network); And Uzun’s authentication with shared key and Pourzandi’s threshold secret sharing scheme in combination therefore teaches secret sharing authentication using first and second secret sharing key shards.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Uzun in the cryptographic key management of Pourzandi by authenticating delegation in content centric networking between content producer and content publisher using secret sharing scheme. This would have been obvious because the person having ordinary skill in the art would have been motivated to authenticate delegation between devices in CCN network using shared keys (Uzun, [Abstract]) provided by Pourzandi’s key management of secret sharing scheme.

Regarding claim 17, Pourzandi-Uzun combination teaches:
A method for a secret sharing authentication (Pourzandi, discloses method and system for cryptographic key management with threshold secret sharing, see [Abstract]. And [0041] the disclosure describes encryption using secret sharing based on cyber physical dependencies to secure the secret shares, thereby making secret sharing more secure. Also [0090] Therefore, the instant disclosure advantageously provides a method and system for performing a cryptographic key operation, encrypting a key such as an access key and sharing (hiding) the access key among different authenticated devices 14), the method comprising; performing method steps substantially similar to the steps performed by the secret sharing information management server, client device and network device of claim 1, therefore is rejected with same rational set forth as rejection of claim 1 above. Examiner further notes that masking and unmasking are interpreted as encrypting and decrypting (the secret sharing keys, or key shards). 

Regarding claim 2, similarly claim 18, Pourzandi-Uzun combination further teaches:
The system of claim 1, the method of claim 17, 
wherein the client device generates a secret sharing authentication token comprised in the interest packet, and wherein the secret sharing authentication token comprises at least one of a hash algorithm identifier, a secret sharing ID necessary for authenticating the client device, the first secret sharing key shard, an integrity verification and encryption key, a request 33processing device path, and a code for verifying the integrity of the secret sharing authentication token (Uzun, [0036] The simple device creates content objects and, using the shared secret key, includes a hash-based message authentication code (HMAC) (i.e. secret sharing authentication token) for each content object. The HMAC can be calculated by applying a cryptographic hash function in combination with the shared secret key to a content object. The publisher can verify the integrity and authentication of the content by calculating an HMAC based on the same cryptographic hash function and the shared key, and comparing the calculated HMAC to the included HMAC. And [0052] a content producing device creates content objects (operation 402) and includes a name for each content object (operation 404)… The content producing device creates a message authentication code for each content object based on a secret key shared with a content publishing device (operation 406)).  

Claims 3, 19 are rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun as applied above, further in view of Kang et al (US20130205379A1, hereinafter, “Kang”).
Regarding claim 3, similarly claim 19, Pourzandi-Uzun combination further teaches:
The system of claim 1, The method of claim 17, wherein the network device executes authentication by checking the first secret sharing key shard comprised in the secret sharing authentication token, by estimating [the first secret sharing key shard] through a validation parameter, and by comparing [the estimated first secret sharing key shard and the first secret sharing key shard] comprised in the secret sharing authentication token (Uzun, [0036] The simple device creates content objects and, using the shared secret key, includes a hash-based message authentication code (HMAC) for each content object. The HMAC can be calculated by applying a cryptographic hash function in combination with the shared secret key to a content object. The publisher can verify the integrity and authentication of the content by calculating an HMAC based on the same cryptographic hash function and the shared key, and comparing the calculated (i.e. estimated) HMAC to the included HMAC).  
While Pourzandi-Uzun combination teaches verifying the integrity and authentication of the content by comparing the calculated HMAC with the included HMAC with the content but does not explicitly teach the estimated first secret sharing key shard, in the same field of endeavor Kang teaches:
comparing the estimated first secret sharing key shard and the first secret sharing key shard (Kang, discloses authentication method between a server ad a client based on sharing of secret keys, see [Abstract]. And [0043] In step S145, the client 100 compares the calculated (i.e. estimated) second modified secret key b' with the second modified secret key b' extracted from the second inquiry message MSG(b'). When the calculated second modified secret key b' is identical to the second modified secret key b' extracted from the second inquiry message MSG(b'), the client 100 processes the authentication of the server 200 as a success and then performs the next step S150).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Kang in the cryptographic key management of Pourzandi-Uzun in processing the authentication by comparing the calculated secret key with extracted secret key. This would have been obvious because the person having ordinary skill in the art would have been motivated to perform authentication between server and client by having client to verify that the calculated secret key is identical to the extracted secret key from inquiring message (Kang, [Abstract]).

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun as applied above, further in view of Matsumura et al (US20040179686A1, hereinafter, “Matsumura”).
Regarding claim 4, Pourzandi-Uzun combination teaches:
The system of claim 4, 
While the combination of Pourzandi-Uzun but does not explicitly teach the following limitation(s), in the same field of endeavor Matsumura teaches:
wherein the network device constructs t threshold secret sharing key shards by merging the authenticated first secret sharing key shard and the (t-1) second secret sharing key shards that are initially set (Matsumura, discloses method of reconstructing a secret shared, [Abstract]. And [0015] reconstructing secret information, a secret sharing scheme is used to generate n first shares from the secret information (2.ltoreq.n) ...Each of the t members uses the secret sharing scheme to generate t second shares from its first share, and distributes the t second shares to the t collected members. Each of the t collected members then performs part of a distributed computation by using a second share it generated itself and t-1 second shares received from the other collected members to generate an intermediate result. The original secret information is reconstructed from the t intermediate results generated by the t collected members).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Matsumura in the cryptographic key management of Pourzandi-Uzun by reconstructing secret shares. This would have been obvious because the person having ordinary skill in the art would have been motivated to each members of a group to reconstruct the secret shares itself without revealing member’s identity (Matsumura, [Abstract]).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun-Matsumura as applied above, further in view of Franklin et al (US6055518A, hereinafter, “Franklin”).
Regarding claim 5, Pourzandi-Uzun-Matsumura combination teaches:
The system of claim 4, 
While the combination of Pourzandi-Uzun-Matsumura but does not explicitly teach the following limitation(s), in the same field of endeavor Franklin teaches:
wherein the network device reconstructs a threshold sharing secret key through interpolation using the t threshold secret sharing key shards (Franklin, discloses threshold secret sharing scheme in secure auction systems with distributed protocol, [Abstract]. And [Col. 5 lines 46-55] a (t, n)-threshold secret sharing scheme is, a well-known method of breaking a secret s into n shares sh.sub.1 (s) , . . . , sh.sub.n, (s), so that t+1 shares are sufficient to reconstruct s but t or fewer shares yield no information about s. In a polynomial based secret sharing scheme, the secret s is an element of a finite field F and the ith share is sh.sub.i (s)=f(i), where f(x) is a degree t polynomial such that f(0)=s and such that the other coefficients are chosen uniformly at random from F. Interpolation of any t+1 shares reconstructs f(x) and hence the secret s), 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Franklin in the cryptographic key management of Pourzandi-Uzun reconstructing sharing secret using interpolation. This would have been obvious because the person having ordinary skill in the art would have been motivated to reconstruct the secret to verify a share has not been altered, i.e. integrity using the well-known threshold secret sharing schemes (Franklin, [Col. 5 lines 46-64]).
Matsumura further teaches: and verifies the threshold sharing secret key by comparing a secret key received from the secret sharing information management server and the reconstructed secret key (Matsumura, discloses sharing secret information by a group of members, [Abstract]. And [0088] The above authentication scheme makes use of the original secret information S as registered information that is compared with the reconstruction result to decide if the authentication is valid or not).  

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun as applied above to claim 2, further in view of Machani et al (US9954680B1, hereinafter, “Machani”).
Regarding claim 7, Pourzandi-Uzun combination teaches:
The system of claim 2, 
While the combination of Pourzandi-Uzun does not explicitly teach the following limitation(s), in the same field of endeavor Machani teaches:
wherein the network device comprises a first network device and a second network device, and wherein the first network device requests split processing of a calculation function to the second network device (Machani, discloses key splitting and reconstruction in a split-key based distributed computing environment, see [Title] and [Abstract]. And referring to Fig. 2, and [Col. 7 lines 61-65] In response to receipt of the Master Encryption Key Request 200, the Remote Management Server 14 (i.e. first network device) sends a Master Encryption Key Reconstruction Request 202 to the Key Splitting Server 10 (i.e. second network device). And referring to Fig. 5, [Col. 11 lines 25-30] At step 402, the key splitting server generates a master encryption key. At step 404, the key splitting server splits the master encryption key using a polynomial-based secret sharing technique (i.e. split processing of a calculation function), …).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Machani in the cryptographic key management of Pourzandi-Uzun by implementing key splitting of a master encryption key by key splitting server. This would have been obvious because the person having ordinary skill in the art would have been motivated to have key splitting server performing key splitting upon request by remote management server to split the master encryption key for benefit that the master encryption key is split with distributed devices to prevent the key from attacks (Machani, [Abstract], [Col. 3 lines 28-41]).

Claims 8, 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun-Machani as applied above to claim 7, further in view of Niamut et al (US20140233740A1, hereinafter, “Niamut”).
Regarding claim 8, Pourzandi-Uzun-Machani combination teaches:
The system of claim 7, 
While the combination of Pourzandi-Uzun-Machani does not explicitly teach the following limitation(s), in the same field of endeavor Niamut teaches:
wherein the first network device constructs a secret sharing authentication token for split processing and generates the interest packet comprising the secret sharing authentication token for split processing (Niamut, discloses secure distribution of content in a content distribution network, see [Title] and [Abstract]. And [0269] The second content delivery phase may start with a client in a CCU sending a content request to the CPS (step 1510) ... The first split-decryption key may be uniquely associated with the content request using a content session token (i.e. secret sharing authentication token), i.e. a unique identifier for identifying the content request session associated with the content consumption unit. The first split-decryption key d.sub.2 and the token may be stored together with the secret information S in the secure key database of the encryption module).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Niamut in the cryptographic key management of Pourzandi-Uzun-Machani by associating content session token with key splitting for content distribution. This would have been obvious because the person having ordinary skill in the art would have been motivated to associate the split key request using a dedicated session token for secure content distribution (Niamut, [Abstract], [0001], [0255]).

Regarding claim 10, Pourzandi-Uzun-Machani-Niamut combination further teaches:
The system of claim 8, wherein, in response to the receipt of the interest packet from the network device, the second network device processes the calculation function on the basis of information comprised in the interest packet, generates a response data packet comprising the processed calculation result, and transmits the generated response data packet to the first network device (Machani, [Col. 11 lines 26-33] At step 404, the key splitting server splits the master encryption key using a polynomial-based secret sharing technique (i.e. calculation function), … At step 406, the key splitting server distributes the key shares by i) encrypting a first one of the key shares and sending (i.e. transmits) it to a remote management server).  

Regarding claim 11, Pourzandi-Uzun-Machani-Niamut combination further teaches:
The system of claim 10, wherein the second network device encrypts the calculation result by using a secret key stored in the second network device (Machani, [Col. 11 lines 31-32] At step 406, the key splitting server distributes the key shares by i) encrypting a first one of the key shares. Examiner notes, it is obvious to one ordinary in the art that a device encrypts a data such as key shares involves using a secret key known to the device).  

Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun as applied above to claim 1, further in view of El Defrawy et al (US9443089B1, hereinafter, “El Defrawy”).
Regarding claim 12, Pourzandi-Uzun combination teaches:
The system of claim 1, 
While the combination of Pourzandi-Uzun does not explicitly teach the following limitation(s), in the same field of endeavor El Defrawy teaches:
wherein the secret sharing information management server sets a server parameter necessary for performing split authentication, and wherein the server parameter comprises at least one of an arbitrary random value for masking the secret sharing key shard, a multiplier group generator of field, a modulo operation decimal value, a masking parameter of the secret sharing key shard, and a validation parameter of the secret sharing key shard (El Defrawy, discloses mobile proactive secret sharing, [Abstract]. And [Col. 6 lines 61-67] The system according to the principles of the present invention incorporates a collection of protocols implementing mobile proactive secret sharing. The system allows a secret to be distributed among an arbitrary number of servers (i.e. network devices) and dynamically transferred to a new set of servers, or redistributed among the same set of servers with fresh randomness. And [Col. 7 lines 21-29] As shown in FIG. 3, system incorporates a collection of protocols that implement mobile proactive secret sharing. … a GenPoly protocol 302 is initialized to cause the servers in the set of servers custom character to generate random polynomials of degree D).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of El Defrawy in the cryptographic key management of Pourzandi-Uzun by generating random polynomials of degree in secret sharing among random number of servers. This would have been obvious because the person having ordinary skill in the art would have been motivated to include randomness in generating polynomials in secret sharing scheme and use the randomness to mask the polynomials (El Defrawy, [Abstract], [Col. 3 lines 1-20]).

Claims 13-15 are rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun as applied above to claim 1, further in view of Le Saint (US20210111875A1, hereinafter, “Le Saint”).
Regarding claim 13, similarly claim 14, Pourzandi-Uzun combination teaches:
The system of claim 1, the system of claim 1,
While the combination of Pourzandi-Uzun does not explicitly teach the following limitation(s), in the same field of endeavor Le Saint teaches:
wherein the secret sharing information management server 36receives a registration request packet from the client device (Le Saint, discloses system of secure shared key establishment for secure peer-to-peer communication, see [Abstract], [Title]. And [0005] devices registered into the peer to peer network may be capable of establishing a shared data encryption key (DEK). Each device may be configured to obtain a share of a data encryption key (DEKi) that can be stored locally. Also see Fig. 1, any one of trusted device can be viewed as the secret sharing information management server in view of teachings of Pourzandi), performs verification for a signature of the registration request packet, processes registration by checking identification information of the client device (Le Saint, [0030] a secure peer-to-peer network can be created between the devices, so long as the devices have established trust. Trust can be established between the N devices by generating certificates for each device, and adding each certificate to a registry. The certificates may provide proof of inclusion (i.e. registration) into the trusted peer-to-peer network, such that devices in the network may utilize the secure key establishment methods described herein. And [0061] the certificate request may be signed by server Si 410 using private key dsi 415A according to a digital signature algorithm. In another embodiment, a digital signature appended to the certificate request may be verified using the public key), allocates the secret sharing key shard from an available secret sharing information pool of the client device (Le Saint, [0037] a secret can be shared between the devices of network 100. …, to prevent the DEK from being stolen from any one device, the data encryption key may be split into parts, referred to as key shares or DEK shares. The key shares can be distributed amongst the devices. [0066] he DEK may be stored as parts, referred to as DEK shares, which may be distributed at each device in a group of trusted devices), encrypts the secret sharing key shard into a public key of the client device (Le Saint, [0051] At step 303, at least M−1 encrypted shares of the data encryption key is received by the requesting device from the M−1 devices. In one embodiment, each of the M−1 devices may retrieve a locally stored DEK share and may encrypt the DEK share using the public key of the requesting device), and constructs the encrypted data into a response packet signed with a secret key of the secret sharing information management server (Le Saint, [0099] a share request 814 may generated. Share request 814 may be a request for one or more data encryption key shares according to embodiments. In one embodiment, the share request 814 may be signed using both an admin digital signature and device digital signature. According to embodiments, the admin digital signature and device digital signature can be verified by a trusted device in the trusted peer to peer network in order to validate the share request 814).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Le Saint in the cryptographic key management of Pourzandi-Uzun by registering each trusted devices for secure shared keys. This would have been obvious because the person having ordinary skill in the art would have been motivated to have devices registered into trusted network for establishing a shared data encryption key for peer to peer communications (Le Saint, [Abstract]).

Regarding claim 15, Pourzandi-Uzun combination teaches:
The system of claim 1, 
While the combination of Pourzandi-Uzun does not explicitly teach the following limitation(s), in the same field of endeavor Le Saint teaches:
wherein the network device 37transmits a service registration request packet to the secret sharing information management server, receives a response packet from the secret sharing information management server, verifies a signature of the response packet by using a certificate of the secret sharing information management server (Le Saint, [0055] According to embodiments, secure implementation of a shard data encryption key may require an establishment of trust amongst devices in a peer-to-peer network. The trust relationship between the devices in the network may be provided through the use of certificates, which may be maintained in a registry. In embodiments, each trusted device may store a local copy of the registry and can reference the registry when verifying the certificates of other devices. And [0056] FIG. 4 shows a block diagram 400 for registration of a computing device into a trusted network according to an embodiment. As explained above, an initial step of registration may be to set up a trust relationship between devices. The process shown may be for including a server, server Si 410, into said trust relationship), decodes the response packet by using a secret key of the network device (Le Saint, [0052] At step 304, the requesting device receives and decrypts the at least M−1 encrypted shares using a private key of the requesting device), and checks and stores a secret sharing key shard of the network device (Le Saint, [0038] Requesting trusted device 10 may request DEK shares from M−1 trusted devices, which may be stored locally on each device according to the processes described further below) and an initial verifier setting parameter comprised in the response packet (Le Saint, [0085] For example, server Sk 610 may configured to check the location, status, authentication state, and/or system parameters of one or more computing devices in the trusted network to verify that the one or more computing devices in the network have not been compromised).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Le Saint in the cryptographic key management of Pourzandi-Uzun by registering each trusted devices for secure shared keys. This would have been obvious because the person having ordinary skill in the art would have been motivated to have devices registered into trusted network for establishing a shared data encryption key for peer to peer communications (Le Saint, [Abstract]).

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Pourzandi-Uzun-Le Saint as applied above to claim 15, further in view of Smith et al (US20170228547A1, hereinafter, “Smith”).
Regarding claim 16, Pourzandi-Uzun-Le Saint combination teaches:
The system of claim 15, 
While the combination of Pourzandi-Uzun-Le Saint does not explicitly teach the following limitation(s), in the same field of endeavor Smith teaches:
wherein, based on t secret sharing key shards obtained by dividing a secret key, the initial setting parameter comprises at least one among (t-1) secret sharing key shard sets, calculations of (t-2) Lagrange interpolation coefficients, and calculations of (t-1) Lagrange interpolation coefficients comprising the network device (Smith, discloses generating shares of secret data, see [Abstract]. And [0126] A secret can be reconstructed by any participant who is in possession of t or more shares, by using the Lagrange interpolation polynomials. And [0236] Specifically, when multiplication is done using Shamir scheme with a threshold t, the resulting polynomial is increased from a degree of (t−1) to 2.Math.(t−1). Re-sharing and degree reduction reduces the polynomial degree to (t−1) and enables subsequent operations on shares corresponding to the multiplication result. Degree reduction is done using Lagrange interpolation, in line with the reconstruction mechanism for Shamir scheme).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Smith in the cryptographic key management of Pourzandi-Uzun-Le Saint of generating shares of secret data and using Lagrange interpolation to reconstruct the secret data. This would have been obvious because the person having ordinary skill in the art would have been motivated to generate shares of secret data with benefit of protection from attacker (Smith, [Abstract], [0224-0225]).
Citation of References
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been replied upon for this office action:
Kim et al (US20150200936A1) discloses a system for security authentication with a server generating authentication information and key for encryption, encrypts the authentication information with the key and divides the key into first information and second information to transmit the first information to the first terminal and second information and the encrypted information to a second terminal of user.
Morgner (US20160006566A1) discloses method for reading attribute stored in a ID token and use of the authentication key to authenticate the terminal to the ID token.
Engan et al (US20190312730A1) discloses method for server application to request an authentication token on behalf of a client application instance.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/Examiner, Art Unit 2436