Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statements
The information disclosure statement(s) (IDS) submitted on 9/15/2020 have been considered.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement(s) have been considered by the examiner.

Rejection under 35 U.S.C. 112(b)
Claims 9, 11, and 12 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 9 recites: “the device certificate.” There is insufficient antecedent support for this feature.
Claims 11 and 12 recite “the second device configuration.” There is insufficient antecedent support for this feature.

Rejection under 35 U.S.C. 112(d)
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claims 11 and 12 depend from cancelled dependent claim 6. For the purpose of examination, claims 11 and 12 will be interpreted as depending from claim 1.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-5, 9-12, 14-15, 19, 28, 40, 43, and 48 are rejected under 35 U.S.C. 103 as being unpatentable over US 2016/0234020 to Nix (hereinafter Nix) in view of US 2017/0063810 to Bruce (hereinafter Bruce) and further in view of US 2013/0139198 to Okimoto et al. (hereinafter Okimoto).
Regarding claim 1, Nix teaches, 
A method for a device (Nix, Fig 1, Module 101) to securely receive configuration data, the method performed by the device, the method comprising: 
Nix at [0338] teaches configuration data, discussed further below.
a) storing a first device private key for an elliptic curve Diffie-Hellman (ECDH) key exchange algorithm, a second device private key for a digital signature algorithm, a certificate authority public key, and a first set of cryptographic parameters, wherein the first device private key corresponds to a first device public key, and wherein the second device private key corresponds to a second device public key;
Nix in the first two sentence of [0108] teaches the module 101 (“device”) derives a symmetric key 127 using Elliptic Curve Integrated Encryption Scheme (ECIES) and/or ECDH 159 (“elliptic curve Diffie-Hellman (ECDH) key exchange algorithm”). 
Nix in the middle of [0118] teaches module 101 may use private key 112 to derive shared keys (“first device private key for an elliptic curve Diffie-Hellman (ECDH) key exchange algorithm”).
The examiner notes that Nix in the last sentence of [0118] teaches that the module public / private keys 111 / 112 refers to a number of public / private keys that are used for: digital signatures (public/private), asymmetric encryption (public/private), and symmetric encryption (i.e., secret key or symmetric key 127).  For example, in Nix the second and third sentences of [0118] teach first public key 111 / first private 112 key that are used for encrypting and decrypting a digital signature (“second device private key for a digital signature algorithm” and corresponding “second device public key”) and the second public key 111 / second private 112 key that are used for asymmetric encryption / decryption (“first device private key” and corresponding “first device public key”). The middle of [0118] teaches that the key pairs discussed above can be used by the Module 101 (“device”) and Server 105 (“server”, recited and discussed below) to derive shared secret keys, where the Module 101 and Server 105 can derive secret key(s) (“first symmetric ciphering key”, recited and discussed below) that is/are used for symmetric encryption / decryption.  
The examiner further notes, that Nix does not always refer to the keys used for digital signatures as first … keys 111 / 112 and does not always refer to the keys used for asymmetric encryption as second … keys 111/ 112, instead, names like module public / private key 111 / 112 are used interchangeably as digital signature keys and asymmetric encryption keys for the module 101. 
Nix in the last sentence of [0118] also teaches cryptographic parameters 120 (“first set of cryptographic parameters”). Nix in the middle of [0125] teaches that the cryptographic parameters 120 can include elliptical curves to utilize in ECC, which is Elliptic Curve Cryptography (ECC), as discussed earlier in [0118].
Nix in the second sentence of [0130] teaches a certificate authority public key (“certificate authority public key”) being used to a digital signature algorithm 141d to verify signatures that are related to a first secure hash value.
b) establishing a wireless connection, wherein the wireless connection is encrypted;  
The examiner interprets the above features as being taught by, Nix in fig. 3a which teaches encrypt data from sensor for channel coding 306 (“wireless connection is encrypted”), which is sent to the server in Message 208, when Response 209 is received from the server, the response is decrypted in 307a. 
c) receiving via the wireless connection, (i) a first server public key for a server (ii) a second set of cryptographic parameters, and (iii) a random number; 
Nix in the middle of [0034] teaches that server(s) send the module with the module identity a second set of cryptographic parameters (“second set of cryptographic parameters”), which can be different than the first set of cryptographic parameters.
Nix in the first sentence of [0113] teaches the Server Public Key 114 (“first server public key”) being obtained by the module 101 (“device”) over a network. Nix in the last sentence of [0223] teaches that the Server Public Key 114 (“first server public key”) is downloaded by the Module 101 (“device”) over Wireless Network 102 from the Server 105 (“server”).
Nix in the first sentence of [0129] also teaches a secure hash value(“random number”), where secure hash values are used in the first two sentences of [0130] for authentication, as discussed below. Alternatively, Nix in the last two sentence of [0341] and fig. 3a teaches the security token (“random number”) being sent, in response 209 from the server (see fig. 3a) to the module 101 (“device”).  
d) authenticating (i) the server using at least the certificate authority public key, and (ii) the device using at least the received random number and the second device private key; 
The examiner interprets the first part (i) of the above features as authenticating … the server using at least the certificate authority public key authentication public key. 
Nix in the first two sentence of [0130] teaches signing and verifying messages between the module 101 (“device”) and the server 105 using digital signature algorithms 141d that uses the certificate authority public key to match different secure hash values that are in the form of digital signatures in a certificate (“authenticating (i) the server using at least the certificate authority public key”). See also Nix in [0267].
The examiner interprets the second part (ii) of the above features as authenticating … the device using at least the received random number and the second device private key as using the second device private key to create a digital signature, possibly using the received random number as an input to create the digital signature.
Note: above in step (a), the claim recites, “second device private key for a digital signature algorithm.” 
Nix in [0118] teaches first public key 111 / first private key 112 that are used for encrypting and decrypting a digital signature (“second device private key for a digital signature algorithm”).
Nix in the first two sentences of [0130] teaches that to verify message between the module 101 and server 105 (“authenticating … (ii) the device using …”) that secure hash values (“random number”) are used in the form of digital signatures of the digital signature algorithm 141d, which may use the first private key 112 (“second device private key”) taught above.
See also: Nix [0227] and [0360].
e) deriving a first symmetric ciphering key using at least (i) the first device private key and the first server public key, (ii) the ECDH key exchange algorithm, and (iii) the first set of cryptographic parameters; 
Nix in the first two sentence of [0108] teaches the module 101 (“device”) derives a symmetric key 127 using Elliptic Curve Integrated Encryption Scheme (ECIES) and/or ECDH 159 (“deriving a first symmetric ciphering key using … ECDH key exchange algorithm”), and also using module public key 111 (“first device private key”) and server public key 114 (“first server public key”). 
Nix in the last two sentences of [0132] teaches that the key a key derivation function 141f may be used to derive a symmetric key 127 (“first symmetric ciphering key”) using (i) a private key (“first device private key”), (ii) a token such as a public key (“first server public key”) (which is known to both devices deriving the symmetric key) and (iii) cryptographic parameters 126 (“first set of cryptographic parameters”), 
Additionally, Nix in the first two sentence of  [0133] also teaches that a key derivation function 141f can be the Diffie-Hellman key exchange (use to create a secure socket layer (SSL) with RSA algorithms 153), which includes Elliptic Curve Diffie-Hellman (ECDH) algorithms 159. Nix in the middle of [0133] teaches Cryptographic parameters 126 (“first set of cryptographic parameters”) used with key derivation function 141f with elliptic curve cryptography can include a common base point G for two nodes using the key derivation function 141f and public keys.
f) deriving a third device private key and a third device public key using the second set of cryptographic parameters; 
Nix in [0033] starts by teaching that public and private keys may be derived using a first set of cryptographic parameters (“storing … a first set of cryptographic parameters”).  
As stated above, Nix in the middle of [0034] teaches that server(s) send the module with the module identity a second set of cryptographic parameters (“second set of cryptographic parameters”), which can be different than the first set of cryptographic parameters.
Nix in the last two sentence of [0033] teaches using the second set of cryptographic parameters (“second set of cryptographic parameters”), which are sent from server(s), to derive additional module public and private keys (“deriving a third device private key and a third device public key”).
Similarly, Nix in the second sentence of [0119] teaches a first set of keys derived from first set of cryptographic parameters and a second set of keys derived from second set of cryptographic parameters.
Nix does not teach the following,
g) generating a device digital signature over at least the third device public key using the second device private key; 
However, Bruce teaches the above feature, with the exception of the underlined feature,
Bruce in [0030] briefly teaches a first installation including public/private keys, and a subsequent installation with new public / private keys.
Bruce in the second sentence of [0052] teaches S812 that generates a new public key and a new private key for a second software installation. Then S824 teaches signing (“generating a device digital signature”) the public key (“over at least the third device public key”) with a message authentication code.  
Bruce does not teach the above underlined feature,
However, Okimoto teaches the above underlined feature,
Okimoto in the third from last sentence of [0036] teaches a first level private key 152 (“second device private key”) to sign the second level public key (“third device public key”).
Moreover, Okimoto in [0036-37] teaches a public key update. Okimoto in the second half of [0037] teaches an administrator signing a second level public key with the first level private key 152 (Block 512), and the administrator also encrypting the second level public key using a secret key 154, which is similar to the teachings of Bruce. 
h) encrypting at least the derived third device public key into a first ciphertext using the derived first symmetric ciphering key; 
Bruce in fig. 8 and [0052] teaches a method 800 for encrypting a message that includes S816 encrypting the (new) public key (“third device public key”) using a shared symmetric key (“first symmetric ciphering key”). 
-180-i) sending, via the wireless connection, the first ciphertext and the device digital signature to the server; and 
Bruce [0051] teaches that method 800 for encrypting a message is provided in reference to figs. 1-6. Bruce’s encrypted message 800 is also shown in fig. 2 by encrypted message 350, which is sent from computing device 208 (“device”) to server 204 (“server”). Additionally, method 800 generates a message, including the data from the steps above S824 (“device digital signature”) and S816 (“first ciphertext”).
Nix teaches the following,
j) receiving, via the wireless connection, a second ciphertext of a first device configuration, wherein the device decrypts the second ciphertext using at least the first symmetric ciphering key.	Nix in the second to last sentence of [0405] teaches module 101 utilizing the shared secret key 129 as a symmetric key 127 (“first symmetric ciphering key”) to decrypt a received server encrypted data 504, as part of S904 in fig. 9a. 
Nix in the first two sentences of [0406], also describing S904 in fig. 9a, then teaches that after Module 101 completes authentication, it receives second set of cryptographic parameters 126 (“first device configuration”).
Similarly, Bruce in [0053] and S848 of fig. 8 teaches decrypting a message using a symmetric key (“first symmetric ciphering key”).
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Nix, which teaches a device and server that separately may generate cryptographic and signing keys based on shared keys and parameters and then update the keys based on the newly generated keys, with Bruce, which teaches using previous device keys to encrypt and sign a new public key.  One of ordinary skill in the art would have been motivated to perform such an addition to provide the capability to utilize the previous keys in order to update the device with new keys, starting with the new public key by using both the signature and symmetric encryption feature to enhance security.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Nix, which teaches a device and server that separately may generate cryptographic and signing keys based on shared keys and parameters and then update the keys based on the newly generated keys, and Bruce, which teaches using previous device keys to encrypt and sign a new public key, with Okimoto, which specifically teaches signing a newly generated pubic key with a previously generated private key.  One of ordinary skill in the art would have been motivated to perform such an addition to provide the capability to utilize the previously generated private key in signing a newly generated public key.   

Regarding claim 2, Nix teaches the following,
The method of claim 1, wherein the device includes a secure element, and wherein the secure element for the device conducts steps f) and g).  
	Nix in the second sentence of [0231] teaches that the eUICC card is similar to a SIM card, both of which the examiner interprets as the “secure element.”

Regarding claim 4, Nix teaches the following,
The method of claim 1, wherein the first device configuration includes an updated configuration for the secure element.  
	Nix in the third sentence of [0238] teaches that a received eUICC (“secure element”) profile 311 can include a set of cryptographic parameters 126 (“first device configuration”). Nix in the second half of [0314] teaches eUICC (“secure element”) profile 311 received in a step 519 could comprise receiving several sets of related data (possibly in different but related responses 209), such as a first set that includes network access credentials 312 and a second set of data (“first device configuration includes an updated configuration”) that includes network parameters 310

Regarding claim 5, Nix teaches the following,
(Currently Amended) The method of claim 1, the device uses the first device private key for the ECDH key exchange algorithm and the second device private key for the digital signature algorithm.  
As stated above, Nix in the middle of [0118] teaches module 101 may use private key 112 to derive shared keys (“first device private key for an elliptic curve Diffie-Hellman (ECDH) key exchange algorithm”).
	As stated above, Nix the second and third sentences of [0118] teach first public key 111 / first private 112 key that are used for encrypting and decrypting a digital signature (“second device private key for a digital signature algorithm” and corresponding “second device public key”)

Regarding claim 9, Nix teaches the following,
The method of claim 1, further comprising: 
storing, via the device, the device certificate in the protected memory, … 
Nix in the middle of [0110] teaches that module identity 110 could be recorded in Read Only Memory 101c (ROM) (“protected memory”), which is a protected memory. Nix in the second half of [0111] teaches that the module identity 110 is part of the certificate 122.
… and using, via the device, the device certificate and the derived third device private key in order to authenticate with at least one of (i) an access network, (ii) a reporting system, and (iii) an authentication server. 
As stated above, regarding [0033-34] of Nix the second set of cryptographic parameters may be used at any time after the initial configuration is completed.  
Additionally, Nix in the second to last sentence of [0019] teaches that the automatic and remote changing of network access credentials in order for the module to utilize new or different keys (which are updated using the new / second set of cryptographic parameters) in order to connect and authenticate with a wireless network

Regarding claim 10, Nix teaches the following,
The method of claim 1, further comprising: 
k) storing a second server public key for a third set of cryptographic parameters; 
Nix in the third sentence of [0172] teaches that the method above could be performed for a set of servers. For example, as stated above, Nix in the first sentence of [0113] teaches the Server Public Key 114 (“first server public key” and “second public server key”) being obtained by the module 101 (“device”) over a network. 
Nix in the second sentence of [0173] teaches that first server 105 could use a first set of cryptographic parameters 126 and a second server could use a second and different set of cryptographic parameters 126 (“third set of cryptographic parameters”).
l) deriving a second symmetric ciphering key using (i) the derived third device private key the second server public key, (ii) the ECDH key exchange algorithm, and (iii) the third set of cryptographic parameters; and 
Nix in the first sentence of [0173] teaches module 101 could use a first module private key 111 with asymmetric ciphering algorithms 141a for receiving symmetric keys 127 (“second symmetric ciphering key”).
m) receiving a third ciphertext of a second device configuration, wherein the second ciphertext is decrypted by the device using the derived second symmetric ciphering key.  
The examiner interprets this as receiving a “second device configuration” as receiving an updated configuration, such as updated parameters. 
As discussed above, Nix in the second sentence of [0119] teaches a first set of keys derived from first set of cryptographic parameters and a second set of keys derived from second set of cryptographic parameters (“second device configuration”).

Regarding claim 11, Nix teaches the following,
The method of claim 6,
As stated above, the examiner will interpret this claim as if it depends from claim 1. 
wherein the second device configuration includes a set of network parameters, and 
Nix in the middle of [0338] teaches configuration parameters (“second device configuration”) for module 101, such as an order to change state, parameters regarding the monitoring of monitored unit 119, server names or addresses, radio frequency parameters (“network parameters”).
wherein the device authenticates with a wireless access network using the set of network parameters.  
Nix in [0169] teaches parameters 126b can specify the method of authentication. Claim 12 teaches using first and second device parameters to authenticate different wireless networks.

Regarding claim 12, Nix teaches the following,
The method of claim 6, 
As stated above, the examiner will interpret this claim as if it depends from claim 1.
wherein the second device configuration includes at least one file for the device, 
Nix in the last sentence of [0283] teaches a configuration file that includes parameters for a particular module (“device”).
wherein the at least one file is used by the device with at least one of a device operating system, a device reporting application, a secure element firmware, a secure element operating system, a transducer library, and a configuration test vector.  
	Nix at the end of [0283] teaches configuration file (“at least one file”) includes a plurality of fields specifying the operation (“a device operating system”) of module 101.

Regarding claim 14, Nix teaches the following,
The method of claim 2, 
wherein the secure element sends and receives through the device using an external bus controller for the secure element, 
Nix in the second half of [0099] teaches that the eUICC and UICC 166 (“secure element”) are connected to a bus, where the module 101 includes a connection slot. Nix in [0105] teaches that module 101 (“device”) may include a USB (“external bus controller”).
wherein the device and the secure element are connected via a data bus, and wherein the device sends and receives through a radio.  
	Nix in first sentence of [0099] teaches eUICC / UICC 166 is within module 101. The second half of [0099] teaches that device 101 includes bus 101d, as shown in fig. 1b. Nix in the middle of [0102] teaches sensor 101f (see fig. 1b) could collect long range RF signals (“receives through a radio”).  

Regarding claim 15, Nix teaches the following,
The method of claim 1, wherein the first set of cryptographic parameters specifies at least a first elliptic curve defining equation, and wherein the second set of cryptographic parameters specifies at least a second elliptic curve defining equation.  
	Nix in the third sentence / first half of [0033] teaches that the set of cryptographic parameters includes values to define an equation for an elliptic curve. Thus, the second set of cryptographic parameter (“second set of cryptographic parameters”) in the middle of [0034] of Nix, also may also include a “second elliptic curve defining equation.”

Regarding claim 19, Nix teaches the following,
The method of claim 1, wherein the device includes a tag, wherein the tag specifies a uniform resource locator (URL), wherein a configuration system uses the URL in order to receive (i) a device identity from the tag, and (ii) at least one of the first device public key and the second device public key, and wherein the configuration system includes at least the server.  
	Nix in the first half of [0289] teaches step 513 using a webpage (“URL”) obtained from a SIM card / eUICC 163 to obtain keys. Nix in the first sentence of [0290] teaches retrieving public keys in Step 513. Nix in the second half of [0290] teaches using servers 1010 to authenticate a message or subsequent module public key 11b. 
Nix in the middle of [0102] teaches that the sensor 101f (see fig. 1b) is capable of receiving RF-signals from an RF-identity tag (“a device identity from the tag”).

Regarding claim 28, Nix teaches the following,
The method of claim 1, wherein the device receives via the wireless connection, (i) the first server public key for the server (ii) the second set of cryptographic parameters, and (iii) the random number with a server digital signature, and 
Nix in the first sentence of [0113] teaches the Server Public Key 114 (“(i) the first server public key for the server”) being obtained by the module 101 (“device”) over a network.
Nix in the middle of [0034] teaches et of servers can send the module with the module identity a second set of cryptographic parameters (“(ii) the second set of cryptographic parameters”).
Nix in the last three sentences of [0341] teaches security token 401 may be a random string and may also be generated by either server 105 or module 101. If security token 401 is generated by module 101, then security token 401 may be included in message 208 and also utilized by server 105 in response 209, where the response 209 receives message from server (see fig. 3a).
wherein the device authenticates the server digital signature using at least the certificate authority public key.  
	Nix in the first sentence of [0267] teaches module 101 (“device”) may also optionally verify (“authenticates”) the server identity 206 of server 105 using a certificate 122 associated with server 105 and the public key of a certificate authority 118. Nix in the first sentence of [0268} states that Step 501a of [0267] teaches verifying server digital certificate (“device authenticates the server digital signature”).

Regarding claim 40, Nix teaches the following,
The method of claim 1, wherein the device derives the first device private key after establishing the wireless connection, and wherein the device stores the first device private key after deriving the first device private key. 
Nix in the second sentence of [0028] teaches module authentication could comprise steps established in wireless networking standards including sending a network module identity (which could be an IMSI or related identity), receiving a RAND value, inputting the RAND into the eUICC. Then, Nix in the start of [0029] teaches after authenticating the wireless network (“establishing the wireless connection”) then the module can receive a set of cryptographic parameters. The module can use the received set of cryptographic parameters and a key derivation function in order to derive a second key K (“first device private key”). 
 
Regarding claim 43, Nix teaches the following,
The method of claim 3, wherein the updated configuration includes at least one file for the secure element, wherein the at least one file is used by the secure element with at least one of a secure element firmware, a secure element operating system, a transducer library, and a configuration test vector.  
	Nix in the second half of [0282] teaches a eUICC profile 311 of an eUICC 163 (see fig. 1c). The first received eUICC profile 311 could include the shared secret key 510 and the set of cryptographic parameters 126.
	Nix in [0283] in the first sentence teaches that the parameters 126 may comprise settings for a cryptographic algorithms 141. Nix in the last sentence of [0283] teaches that parameters 126, and server address 207 could be included in a configuration file.

Regarding claim 48, Nix teaches the following,
The method of claim 1, wherein the device derives the third public key before the device authenticates the server.  
	Nix in [0119] teaches using the first set of keys (“first / second module public / private key”) second set of keys (“third public key”) to communicate between the module 101 (“device”) and first MNO 108 (see fig. 1a) and second MNO 108, where each set of keys is associated with a different set of cryptographic parameters. In [0119], the communication between the module 101 and the first and second MNO 108 occurs “before” the module 101 (“device”) communicates with the server.  	

Claim 25 is rejected under 35 U.S.C. 103 as being unpatentable over Nix in view of Bruce, in view of Okimoto, and further in view of US 2002/0024419 to Dunn (hereinafter Dunn).
Regarding claim 25, Nix teaches the following,
The method of claim 2, wherein the secure element includes a hardware random number generator, and 
Nix in the second to last sentence of [0241] teaches cryptographic parameters 126 within the received eUICC profile 311 (“secure element”), where eUICC profile 311 is inside eUICC 163, as shown in fig. 1c. Additionally, set of cryptographic algorithms 141, including a key pair generation algorithm 141e and a random number generator 128, are all inside eUICC 163 because 141 is inside the eUICC 163 as shown in fig. 1c.
Nix does not teach the following features, 
wherein the hardware random number generator uses at least a transducer measurement in order to generate a device random number, 
However, Dunn teaches the above features,
Dunn in [0074] teaches a transducer signal is used to generate a random number for use in encryption.
Similarly, Nix in the second half of [0109] teaches that the seed 128b in random number generator 128 could utilize data from a sensor 101f in order to generate a random number, however, sensor 101f is an RF-sensor.
and wherein the secure element uses the device random number to derive the third private key.  
	As discussed above regarding [0241] of Nix, the eUICC profile 311 (“secure element”) is inside the eUICC 163, as shown in fig. 1c. Additionally, as discussed above, cryptographic algorithms 141 is inside the eUICC 163, and 141 includes a key pair generation algorithm 141e and a random number generator 128. These components are used to derive all of the key pairs and symmetric key.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Nix, which teaches a device and server that separately may generate cryptographic and signing keys based on shared keys and parameters and then update the keys based on the newly generated keys, with Dunn, which teaches a transducer signal is used to generate a random number for use in encryption.  One of ordinary skill in the art would have been motivated to perform such an addition to provide the capability to utilize a transducer reading as a seed in generating a random number, which is used for encryption.

Claim 33 is rejected under 35 U.S.C. 103 as being unpatentable over Nix in view of Bruce, in view of Okimoto, and further in view of US 2017/0013022 to Buckley (hereinafter Buckley).
Regarding claim 33, Buckley  teaches the following,
The method of claim 1, wherein the device authenticates the device (i) using the received random number and the second device private key, and …
Buckley in the Abstract teaches a device that generates a signature using a nonce (“random number”) and a private key (“second device private key”).
Similarly, Nix in [0132] teaches that a random number 128 is commonly shared between two nodes, and commonly derived asymmetric keys and a secret key may be derived from the random number and other inputs such as public / private keys.
… (ii) sending the second device public key with an authenticating digital signature.  
	Buckley in the Abstract teaches establishing secure communication with the other device using the signature and session security data. 
Moreover, Buckley in the last sentence of the Abstract teaches the signature and the public key are transmitted.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Nix, which teaches a device and server that separately may generate cryptographic and signing keys based on shared keys and parameters and then update the keys based on the newly generated keys, with Buckley, which teaches a signature created using a nonce and a private key, and transmitting the signature and public key. One of ordinary skill in the art would have been motivated to perform such an addition to create a secure connection between two devices by utilizing a digital signature for authentication of a device.

Claim 39 is rejected under 35 U.S.C. 103 as being unpatentable over Nix in view of Bruce, in view of Okimoto, and further in view of US 2012/0222101 to Iwasaki et al. (hereinafter Iwasaki).
Regarding claim 39, Iwasaki teaches the following,
The method of claim 1, wherein the device receives a server certificate in step c), and wherein the device authenticates the server using at least the certificate authority public key by (i) verifying a server digital signature over at least one of the first server public key and the random number using the server certificate, and (ii) verifying the server certificate using the certificate authority public key.  
	Iwasaki in [0055] teaches server certificate with an electronic signature is transmitted by server 5, to terminal device 2. Terminal device 2 uses the public key of the certificate authority to authenticate the server certificate.   
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Nix, which teaches a device and server that separately may generate cryptographic and signing keys based on shared keys and parameters and then update the keys based on the newly generated keys, with Iwasaki, which teaches a server certificate with a signature being authenticated using a public key of a certificate authority. One of ordinary skill in the art would have been motivated to perform such an addition to create the capability to use a digital certificate provided by the server to authenticate the server using the certificate authority public key.

Claims 41 and 42 are rejected under 35 U.S.C. 103 as being unpatentable over Nix in view of Bruce, in view of Okimoto, and further in view of US 2006/0239459 to Yamamichi et al. (hereinafter Yamamichi).
Regarding claim 41, Yamamichi teaches the following,
The method of claim 1, wherein the second set of cryptographic parameters specifies values for algorithms associated with a key encapsulation mechanism, and wherein the algorithms comprise one of lattice-based cryptography, code-based cryptography, and supersingular elliptic curve isogeny cryptography. (emphasis added)
Yamamichi in [0136] teaches the security judgment unit 105 derives, from the following formula, a lattice constant SL for the NTRU cryptosystem having the parameters N, p, q, df, and dg in the parameter set PS.
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Nix, which teaches a device and server that separately may generate cryptographic and signing keys based on shared keys and parameters and then update the keys based on the newly generated keys, with Yamamichi, which teaches the use of a lattice as a constant. One of ordinary skill in the art would have been motivated to perform such an addition to allow the use of lattice constants as a parameter used in deriving keys.  

Regarding claim 42, Yamamichi teaches the following,
The method of claim 1, to wherein the third device public key supports at least one of lattice-based cryptography, code-based cryptography, supersingular elliptic curve isogeny cryptography, and elliptic curve cryptography. (emphasis added)  
Yamamichi in [0136] teaches the security judgment unit 105 derives, from the following formula, a lattice constant SL for the NTRU cryptosystem having the parameters N, p, q, df, and dg in the parameter set PS.
As discussed above, Nix teaches generating a “third device public key” using a second set of parameters, where the “third device public key” is included in the second set of keys, where the first set of keys include the first and second module public / private keys.
	Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Nix, which teaches a device and server that separately may generate cryptographic and signing keys based on shared keys and parameters and then update the keys based on the newly generated keys, with Yamamichi, which teaches the use of a lattice as a constant. One of ordinary skill in the art would have been motivated to perform such an addition to allow the use of lattice constants as a parameter used in deriving keys.  

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN WILLIAM AVERY whose telephone number is (571) 272-3942.  The examiner can normally be reached on 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.  
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/B.W.A./

/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495