DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claim(s) 1 and 13-14 is/are objected to because of the following informalities:  
Regarding claim 1, “a physical unclonable function (hereinafter:  PUF)” should be “a physical unclonable function (PUF)”.
Regarding claim 13, “a computer-readable non-transitory storage medium” should be “a non-transitory computer-readable storage medium”.
Regarding claim 14, “A computer-readable non-transitory storage medium” should be “A non-transitory computer-readable storage medium”.
Appropriate correction is required.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-6 and 9-15 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kim et al., US-20150113275-A1 (hereinafter “KIM ‘275”).
Per claim 1 (independent):
KIM ‘275 discloses: A method of obtaining a cryptographic key in a chipset comprising:
generating an initial configuration message using a physical unclonable function (hereinafter:  PUF) of the chipset, wherein said PUF generates a predetermined value when using the initial configuration message as input to the PUF (FIGS. 4-5, [0045], C's KoB (a chipset) has an authentication token $T_{id}$ (that was issued by S (a client access server)) and can compute a session key sk; [0046], the authentication server S (the client access server) is represented as 502 … and the client (the chipset) is represented as 506; [0047], C sends a request message (an initial configuration message) to S via P (step 512). The message contains id and $T_{id} = ENC_{tkid}(id + ts + pk + \Phi)$ where Φ is a hash value $H(id + ts + pk + rk_s)$; [0053], A KoB (of the chipset) comprises a PUF (PUF), an ECDH symmetric key generator, a public key generator, a cryptographic hash function (i.e., SHA-256), and non-volatile memory such as flash memory; [0054], C's KoB keeps and manages the following information: (1) an authentication token $T_{id}$ … (2) a PUF code pc (a predetermined value) that is derived (generated) from a private key rk (See GPK in FIG. 6; given as input to the PUF), and (3) the public key $pk_s$ of S; FIG. 6, [0059], GPK (610) first creates a random number rk (as a private key of its caller). For the random number rk, it then generates a public key pk and a PUF code pc using PUF code construction; Note that the private key rk is one of the parameters in the request (or authentication) message.);
transmitting the initial configuration message to a client access server; receiving an altered configuration message from the client access server, wherein the altered configuration message is generated by the client access server based on the initial configuration message (FIG. 5, [0048], Once S (the client access server) receives the message, it decrypts $T_{id}$ in step 514 … S computes, in step 516, a shared secret ss from both its own private key rks and C's public key pk that $T_{id}$ contains. … S now chooses two random numbers µ and κ … Thereafter, S sends C a challenge message (altered configuration message) containing µ, $ENC_{sk}(K)$, and the message's MAC, in step 51.);
obtaining the cryptographic key from the PUF using the altered configuration message as input to the PUF (FIG. 5, [0049], On receiving the message (the challenge message as input to the PUF), in step 522, C asks its KoB to compute the session key sk (cryptographic key) and, if able, C can verify the received message's MAC with session key sk.; FIG. 6, [0061], CSK (630): … The session key sk is computed as follows: sk=H(µ+ss) where ss is a shared secret that CSS computes for a PUF code pc (stored in the NVM) and a public key pks (already given by S).).

Per claim 2 (dependent on claim 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
KIM ‘275 discloses: The method according to claim 1, wherein the PUF is part of a secure part (FIG. 4, [0053], each KoB has its own computation capability independent of its attached client device and does not use the client's memory for its internal computations.).

Per claim 3 (dependent on claim 2):
KIM ‘275 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference.
KIM ‘275 discloses: The method according to claim 2, wherein the secure part encrypts the altered configuration message and stores the thus obtained encrypted altered configuration message in a memory (FIG. 5, [0049], On receiving the message (the altered configuration message), in step 522, C asks its KoB to compute the session key sk and, if able, C can verify the received message's MAC with session key sk.; FIG. 4, [0035], Key Obfuscation Block: KoB is embedded into a system-on-a-chip … has a … NVM (427; a memory), a PUF (426); Note that κ is extracted from $ENC_{sk}(K)$, which is a part of the received message, encrypted with the session key sk in FIG. 5.).

Per claim 4 (dependent on claim 2):
KIM ‘275 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference.
KIM ‘275 discloses: The method according to claim 2, further comprising setting up of a secure link between the secure part and the client access server, wherein the initial configuration message and the altered configuration message are transmitted via the secure link (FIG. 7, [0068], Once the verification is passed, client id trusts the message's sender (i.e., 5), and will use session key sk for ensuring the confidentiality and integrity of subsequent communications with S (step 718). A secure communication session (a secure link) is created using the session key in a conventional manner; [0069], A refresh-response message (the initial configuration message) including pk' is then sent back to S in step 722. On receiving the message, S creates a new authentication token $T'_{id}$ … Then, $T'_{id}$ (the altered configuration message) … are sent to client id.).

Per claim 5 (dependent on claim 2):
KIM ‘275 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference.
KIM ‘275 discloses: The method according to claim 2, further comprising setting up of a secure link between the secure part and the client access server, wherein the cryptographic key is transmitted via the secure link (FIG. 7, [0068], Once the verification is passed, client id trusts the message's sender (i.e., 5), and will use session key sk for ensuring the confidentiality and integrity of subsequent communications with S (step 718). A secure communication session (a secure link) is created using the session key in a conventional manner; [0069], A refresh-response message including pk' (cryptographic key) is then sent back to S in step 722. On receiving the message, S creates a new authentication token $T'_{id}$ … Then, $T'_{id}$ … are sent to client id.).

Per claim 6 (dependent on claim 4):
KIM ‘275 discloses the elements detailed in the rejection of claim 4 above, incorporated herein by reference.
KIM ‘275 discloses: The method according to claim 4, wherein the secure link is implemented using an authenticated Diffie-Hellman key exchange protocol (By design, the user is allowed to access a KoB using only the KoB access interfaces. Elliptic Curve Diffie-Hellman (ECDH) allows two parties (i.e., a pair of a client and an authentication server in TSAF), each having an elliptic curve public-private key pair, to know a shared secret without directly exchanging key materials.).

Per claim 9 (dependent on claim 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
KIM ‘275 discloses: The method according to claim 1, wherein information about the authenticity, serial number, origin, and/or production of the chipset is transmitted to the client access server, and wherein the altered configuration message is generated by the client access server depending on the information (FIG. 5, [0046], the authentication server S (the client access server) is represented as 502 … and the client (the chipset) is represented as 506; [0047], C sends a request message to S via P (step 512). The message contains id and $T_{id} = ENC_{tkid}(id + ts + pk + \Phi)$; [0049], On receiving the message (the altered configuration message), in step 522, C asks its KoB to compute the session key sk; Note that the request message $T_{id}$ includes information about the KoB (the chipset).).

Per claim 10 (dependent on 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 1 and the claim(s) is/are rejected for the reasons detailed with respect to claim 1.

Per claim 11 (dependent on 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 1 and the claim(s) is/are rejected for the reasons detailed with respect to claim 1.

Per claim 12 (dependent on 10):
KIM ‘275 discloses the elements detailed in the rejection of claim 10 above, incorporated herein by reference.
KIM ‘275 discloses: The device according to claim 10, wherein the device is an internet-of-things device ([0020], Advantageously, illustrative embodiments of the invention address the EV authentication problem under hostile communication environments; [0021], as the number of EVs grows, plug-in EV charging will become part of the Internet of Things (IoTs).).

Per claim 13 (dependent on 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 1 and the claim(s) is/are rejected for the reasons detailed with respect to claim 1.

Per claim 14 (dependent on 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 1 and the claim(s) is/are rejected for the reasons detailed with respect to claim 1.

Per claim 15 (dependent on 11):
KIM ‘275 discloses the elements detailed in the rejection of claim 11 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 11 and the claim(s) is/are rejected for the reasons detailed with respect to claim 11.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 7-8 is/are rejected under 35 U.S.C. 103 as being unpatentable over KIM ‘275 in view of Merchan et al., US-20140258736-A1 (hereinafter “Merchan ‘736”).
Per claim 7 (dependent on claim 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
KIM ‘275 does not disclose but Merchan ‘736 discloses: The method according to claim 1, wherein the cryptographic key is used to bootstrap security measures of the chipset (FIG. 3, [0042], operating a trusted processor to control the execution of instructions for software programs and to control access to data during the execution of the software programs; [0044], The SRAM-PUF response, Pe, serves as a cryptographic secret (cryptographic key) that is not consistent between different manufactured copies of the trusted processor and that bootstraps a unique device identity (of the chipset), per-application encryption and authentication keys, and random number generation.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified KIM ‘275 with the cryptographic secret derived from a SRAM-PUF response for bootstrapping cryptographic operations as taught by Merchan ‘736 because it would reduce the TCB (trusted computing base) without requiring long-term storage of secret data in non-volatile memory while still ensuring the system security [0005][0044]. Additionally, Merchan ‘736 is analogous to the claimed invention because it teaches generating with a trusted processor a cryptographic key based on a physically unclonable function (See [0006]).

Per claim 8 (dependent on claim 1):
KIM ‘275 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
KIM ‘275 does not disclose but Merchan ‘736 discloses: The method according to claim 1, wherein the cryptographic key is used as a root key in a key ladder to obtain one or more further cryptographic keys (FIG. 3, [0042], operating a trusted processor to control the execution of instructions for software programs and to control access to data during the execution of the software programs; [0044], The trusted processor uses the SRAM-PUF response to generate the root key, Kp … enables the processor to generate a hierarchy of derived keys (a key ladder).).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified KIM ‘275 with the root key enabling a processor to generate a hierarchy of derived keys as taught by Merchan ‘736 because it would reduce the TCB (trusted computing base) without requiring long-term storage of secret data in non-volatile memory while still ensuring the system security [0005][0044].

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Thursday 7:30-5:30 and Alternate Fridays 8:30-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA can be reached on (571)272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SANGSEOK PARK/
Examiner, Art Unit 2499

/PHILIP J CHEA/
Supervisory Patent Examiner, Art Unit 2499