DETAILED ACTION
This Final Office Action is in response to amendment filed on 04/20/2022. Claims 1, 5-9, 12-13, 17-18 have been amended. Claim 20 has been added. Claims 1-20  remain pending in the application. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawings filed on 01/15/2021 are accepted.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 04/06/2022 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly an initialed and dated copy of Applicant's IDS form 1449 filed 04/06/2022 are attached to the instant Office action. 

Response to Amendment 
Applicant’s claims amendments have overcome the objection previously set forth in the Non-Final Office Action mailed on 01/25/2022.
 Applicant’s claims amendments have overcome the USC 112(b) rejection previously set forth in the Non-Final Office Action mailed on 01/05/2022.
Response to Arguments 
Applicant's arguments filed 04/20/2022 have been fully considered but they are not persuasive.
Applicant stated “The Applicant respectfully asserts that the combination of McCallum and Ahonen fails to disclose all of the limitations set forth in claims 1, 9, and 12, and consequently does not render obvious claims 1-20. Claims 1-20 are allowable over the combination of McCallum and Ahonen because the combination of McCallum and Ahonen fails to disclose sending the first authorization key ciphertext that enables the second terminal device to perform file decryption of an encrypted file on the server based on the file key… Claim 1 sends the first authorization key ciphertext that enables the second terminal device to perform file decryption of an encrypted file on the server based on the file key… In rejecting independent claim 1, the Examiner asserts that McCallum 's paragraphs 20 and 22 disclose sending a first authorization key ciphertext to a second terminal device to enable the second terminal device to perform file decryption based on a file key. See Office Action dated January 25, 2022 (Office Action), pp. 6 and 7. The Office Action maps McCallum's computing device 102 to the first terminal device, the decryption server 106 to the second terminal device, and disk encryption key (DEK) to a file key of claim 1 While McCallum's decryption server obtains a KEK from the E-KEK, which is used to obtain a file key, McCallum's second terminal device does not decrypt encrypted data using the file key but instead sends it to the first terminal device for decrypting the encrypted data of a data file… McCallum's second terminal device does not decrypt encrypted data using the file key but instead sends it to the first terminal device for obtaining decrypted data. Further, McCallum does not disclose sending a first authorization key ciphertext to a second terminal device to enable the second terminal device to perform file decryption based on a file key. Therefore, claims 1-20 are allowable over McCallum's… Ahonen does not overcome the deficiencies in McCallum. Ahonen was cited for disclosing sending a first authorization key ciphertext to enable the second terminal to decrypt the first authorization key ciphertext. See id pp. 7 and 8. However, Ahonen does not disclose sending a first authorization key ciphertext to a second terminal device to enable the second terminal device to perform file decryption based on a file key. Therefore, claims 1-20 are  allowable over McCallum and Ahonen.”
Examiner respectfully disagrees with respect to the above argued remarks pertaining to Ahonen. McCallum discloses a decryption server 106, i.e. second terminal device, which is used to performs the decryption of the encrypted KEK, i.e. authorization key ciphertext, and sends back the decrypted KEK, i.e. authorization key of the current version, to the first terminal 102 in order to decrypt encrypted file key and accordingly decrypt encrypted data based on the file key. Therefore, examiner submits that  McCallum does not disclose performing the decryption of data based on file key at the second terminal through the server. However, Ahonen discloses the above argued deficiencies. Particularly, Ahonen discloses a tree structure of nodes/member devices illustrated in Figure 1, where the Ahonen discloses in e.g. [0041] a root node (GC), construed as a first terminal device, sending a message to each terminal, e.g. M1, i.e. leaf node, construed as a second terminal device, where the message received by M1 enables M1 to obtain/recover/decrypt TEK, i.e. file key, based on decrypted KEK, in order to decrypt data, where the message is obtained from an intermediate node above M1, construed as a server. Therefore, GC sends M1, through intermediate node, i.e. server, encrypted LKH keys, encrypted TEKS, and encrypted KEK i.e. first authorization key ciphertext, which enables M1 to decrypt KEK using M1’s private key, in order to obtain the KEK, i.e. authorization key of the current version, and this in turn enables M1 to obtain decrypted  LKH and TEK, i.e. file key, based on KEK, and consequently, performing decryption of data received by M1 as disclosed in [0036], passed through the intermediary node, i.e. server. Therefore, McCallum in view of Ahonen discloses the amended independent claims 1, 9 and 12.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 9-10 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over McCallum (US 20170149564 A1), hereinafter McCallum in view of Ahonen et. al. (US 20060168446 A1), hereinafter Ahonen.
	Regarding claim 1 (Currently Amended), McCallum teaches an information processing method implemented by a first terminal device (McCallum Abstract discloses information processing method by computing device 102 illustrated in Figure 2) and comprising: 
encrypting an authorization key of a current version based on a public key of a second terminal device; [[to]] obtaining a first authorization key ciphertext corresponding to the second terminal device responsive to encrypting the authorization key of the current version (McCallum [0016] “…to further protect the KEK (i.e. authorization key of a current version) from unauthorized access, processing device 120 may further execute an asymmetric-key encryption module 124 to encrypt the KEK into an encrypted KEK (E-KEK) 116 (i.e. first authorization key ciphertext) using a public key 118 of an asymmetric key pair, whereas the asymmetric-key encryption module 124 may implement an asymmetric-key encryption algorithm that uses the public key to encrypt the KEK into E-KEK 116 and uses a private key 128 of the asymmetric key pair to decrypt E-KEK 116 to restore the KEK. In one implementation, processing device 120 may store E-KEK 116 on data drive 110. In contrast, as shown in FIG. 1, computing device 102 and processing device 104 do not have access to private key 128. Instead, private key 128 is stored separately in a secured storage device 126 accessible by decryption server 106 (i.e. second terminal device).”, where the asymmetric key pair, public key and associated private key only accessible by the secured storage device 126 accessible by decryption server 10 corresponding to the second terminal device, where the generated KEK in Figure 2 corresponds to the current version, where the encrypted KEK (E-KEK) 116 (i.e. first authorization key ciphertext), encrypted with a public key corresponding to the decryption server’s private key, is obtained after (in response to) encrypting KEK (i.e. authorization key of the current version) ); and 
sending, to the second terminal device [through a server], the first authorization key ciphertextthat enables the [second] terminal device to decrypt, based on a private key of the second terminal device, the first authorization key ciphertext to obtain the authorization key of the current version (McCallum [0020] “The requestor can be the computing device 102 or a user account that has the permission to access encrypted data 112. Processing device 112 may retrieve E-KEK 116 from data drive 110 and then transmit, via network 108 to decryption server 106, a decryption request. In one implementation, the E-KEK 116 may be volume-specific, i.e., the E-KEK is associated with a volume in data drive 110, whereas the data in the volume is encrypted with a key encrypted by the E-KEK. The decryption request may include the identifier of the requestor and E-KEK 116, requesting decryption server 106 to perform a decryption service on E-KEK 116.”,  Figure 2 illustrates sending request to decryption server 106 including the E-KEK 116 corresponding to the first authorization key ciphertext, [0021] “In response to receiving the decryption request, the second processing device of decryption server 106 may retrieve private key 128 from storage 126, whereas private key 128 may be used to decrypt E-KEK 116 that is encrypted using public key 118…Using the private key 128, the second processing device of decryption server 106 may execute asymmetric-key decryption module 130 to decrypt E-KEK 116 to produce the KEK and transmit the produced KEK to computing device 102. ”), 
McCallum discloses the aforementioned limitations, where the decryption server 106, i.e. second terminal, receives the encrypted KEK, i.e. authorization key ciphertext, and performs the decryption of the KEK, however, McCallum does not disclose sending the encrypted KEK through a server, to the second terminal to decrypt the encrypted KEK and to obtain by the decryption server the file key to decrypt encrypted data from file received from the server. 
Ahonen discloses sending, to the second terminal device through a server, the first authorization key ciphertext and enable the second terminal device to decrypt, based on a private key of the second terminal device, the first authorization key ciphertext to obtain the authorization key of the current version (Ahonen [0041] “the GC generates a TEK, LKH keys, and KEKs for each of the authenticated terminals. The GC then constructs a message (as illustrated in FIG. 2) for each terminal including the KEK encrypted (i.e. authorization key) with the public key of the terminal, and the TEK and LKH keys in the chain to that terminal encrypted with the KEK. The messages are unicast to respective receivers in the subnet. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys.”, where recovering the TEK is performed by first decrypting and recovering the KEK (i.e. authorization key), utilizing the terminal private key associated with the public key that was used to encrypt the KEK, as disclosed in [0007, 0010, 0017], where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK to encrypt data and multicast this to the other participants.”).
Ahonen further discloses for the second device to obtain a file key from a server based on the authorization key of the current version, and perform file decryption of an encrypted file on the server based on the file key (Ahonen discloses in [0041] the GC distributing to a second terminal/node: KEKs (i.e. authorization key of the current version), encrypted with public key associated with a second terminal, and TEK, and encrypted LKH keys (i.e. file key), encrypted with KEK, such that the second terminal decrypts the encrypted KEK using the private key of the second terminal in order to obtain KEK, (i.e. authorization key of the current version), and in turn, decrypt the encrypted TEK, and encrypted LKH keys (i.e. file key) in order to obtain/recover the TEK, and encrypted LKH keys (i.e. file key), where the obtained/recovered TEK is used by the second terminal/node to perform decryption of data received/obtained, as disclosed in [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK, i.e. based on TEK, to encrypt data and multicast this to the other participants.”, where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, indicating that the encrypted data has to have passed through the intermediary node, i.e. on the intermediary node, and reach the destination node and get decrypted.
[0019] “e.g. the group controller, multicasts a stream of data to several other nodes.”, [0029] “Example of multicast/broadcast services include the distribution of streaming data to subscribers, e.g. audio, multimedia, etc., and teleconferencing (again, audio, multimedia, etc.).”).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).

Regarding claim 2 (Original), McCallum in view of Ahonen teaches the information processing method of claim 1, 
further comprising: encrypting a key of an encrypted file based on the authorization key of the current version to obtain a key ciphertext of the encrypted file (McCallum [0018] “As shown in FIG. 1, computing device 102 may perform encryption of DEK using a key encryption key (KEK) to generate an encrypted DEK (E-DEK)  (i.e. key ciphertext) and perform encryption of KEK using public key 118 of an asymmetric encryption key pair.”); and 
sending the key ciphertext to the server (McCallum Figure 2 [0026] “[0026] At 206, processing device 120 may execute symmetric-key encryption/decryption module 122 to encrypt the DEK using the previously-generated KEK to generate encrypted DEK (E-DEK) 114 and store the generated E-DEK 114 on data drive 110.”, where the data drive 110 is part of the data server 104 in Figure 1), 
wherein the key ciphertext of the encrypted file enables the [second] terminal device to obtain the key ciphertext from the server, decrypt the key ciphertext based on the authorization key of the current version to obtain the key of the encrypted file, and decrypt, based on the key of the encrypted file, the encrypted file stored on the server (McCallum discloses in [0028-0030] enabling the computing device 102 to obtain the E-DEK 114, i.e. key ciphertext and E-KEK 116, i.e. authorization key ciphertext from the data server 104, decrypt the E-DEK 114 based on the KEK to obtain DEK and decrypt the encrypted data 112 stored on the server 107 based on the DEK, as further illustrated in Figure 2).
McCallum discloses the first terminal device to obtain the encrypted DEK from the data server to be able to decrypt the encrypted DEK and obtain DEK and accordingly decrypt the encrypted data/file using the DEK, however, McCallum does not disclose the below limitations. the second terminal obtaining the encrypted DEK to be able to decrypt it and then use the DEK to decrypt the decrypted data. Emphasis in Italic.
Ahonen discloses the second terminal device to obtain the key ciphertext from the server, decrypt the key ciphertext based on the authorization key of the current version to obtain the key of the encrypted file, and decrypt, based on the key of the encrypted file (Ahonen [0041] “the GC generates a TEK, LKH keys, and KEKs for each of the authenticated terminals. The GC then constructs a message (as illustrated in FIG. 2) for each terminal including the KEK encrypted (i.e. authorization key) with the public key of the terminal, and the TEK and LKH keys (i.e. key) in the chain to that terminal encrypted with the KEK. The messages are unicast to respective receivers in the subnet. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys.”, where recovering the TEK from its encrypted form, corresponding to the key ciphertext, is performed by first decrypting and recovering the KEK, utilizing the terminal private key associated with the public key that was used to encrypt the KEK, as disclosed in [0007, 0010, 0017], where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, [0036] “ The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK to encrypt data and multicast this to the other participants.”).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).

Regarding claim 9 (Currently Amended), McCallum teaches an information processing method implemented by a second terminal device (McCallum Abstract discloses information processing method by computing device 102 and decryption server 106, corresponding to the second terminal device, illustrated in Figure 2) and comprising: 
receiving, from a first terminal device [through a server], a first authorization key ciphertext corresponding to the second terminal device (McCallum [0020] “The requestor can be the computing device 102 or a user account that has the permission to access encrypted data 112. Processing device 112 may retrieve E-KEK 116 from data drive 110 and then transmit, via network 108 to decryption server 106, a decryption request. In one implementation, the E-KEK 116 may be volume-specific, i.e., the E-KEK is associated with a volume in data drive 110, whereas the data in the volume is encrypted with a key encrypted by the E-KEK. The decryption request may include the identifier of the requestor and E-KEK 116, requesting decryption server 106 to perform a decryption service on E-KEK 116.”,  Figure 2 illustrates sending request to decryption server 106 including the E-KEK 116 corresponding to the first authorization key ciphertext, [0021] “In response to receiving the decryption request, the second processing device of decryption server 106 may retrieve private key 128 from storage 126, whereas private key 128 may be used to decrypt E-KEK 116 that is encrypted using public key 118…Using the private key 128, the second processing device of decryption server 106 may execute asymmetric-key decryption module 130 to decrypt E-KEK 116 to produce the KEK and transmit the produced KEK to computing device 102.”, decryption server 106 corresponds to the second terminal device, where the generated KEK in Figure 2 corresponds to the current version); 
decrypting, based on a private key of the second terminal device, the first authorization key ciphertext, [[to]] obtaining the authorization key of the current version responsive to decrypting the first authorization key ciphertext (McCallum [0021] “In response to receiving the decryption request, the second processing device of decryption server 106 may retrieve private key 128 from storage 126, whereas private key 128 may be used to decrypt E-KEK 116 that is encrypted using public key 118…Using the private key 128, the second processing device of decryption server 106 may execute asymmetric-key decryption module 130 to decrypt E-KEK 116 to produce the KEK and transmit the produced KEK to computing device 102.”, where the KEK (i.e. authorization key of the current version), is obtained after (in response to) decrypting (E-KEK) 116  (i.e. first authorization key ciphertext)); 
McCallum discloses the aforementioned limitations, where the decryption server 106, i.e. second terminal, receives the encrypted KEK, i.e. authorization key ciphertext, and performs the decryption of the KEK, however, McCallum does not disclose sending the encrypted KEK through a server, to the second terminal to decrypt the encrypted KEK and to obtain by the decryption server the file key to decrypt encrypted data from file received from the server. 
Ahonen discloses receiving a first authorization key ciphertext corresponding to the second terminal device from a first terminal device through a server (Ahonen [0041] “the GC generates a TEK, LKH keys, and KEKs for each of the authenticated terminals. The GC then constructs a message (as illustrated in FIG. 2) for each terminal including the KEK encrypted (i.e. authorization key) with the public key of the terminal, and the TEK and LKH keys in the chain to that terminal encrypted with the KEK. The messages are unicast to respective receivers in the subnet. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys.”, where recovering the TEK is performed by first decrypting and recovering the KEK, utilizing the terminal private key associated with the public key that was used to encrypt the KEK, as disclosed in [0007, 0010, 0017], where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, where a leaf terminal M1 corresponds to the second terminal, root or GC terminal correspond so the first terminal, server corresponds to the intermediary nodes between the leaf node and the root node, [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK to encrypt data and multicast this to the other participants.”).
Ahonen further discloses obtaining a file key from the server based on the authorization key of the current version; and performing a file decryption of an encrypted file on the server based on the file key (Ahonen discloses in [0041] the GC distributing to a second terminal/node: KEKs (i.e. authorization key of the current version), encrypted with public key associated with a second terminal, and TEK, and encrypted LKH keys (i.e. file key), encrypted with KEK, such that the second terminal decrypts the encrypted KEK using the private key of the second terminal in order to obtain KEK, (i.e. authorization key of the current version), and in turn, decrypt the encrypted TEK, and encrypted LKH keys (i.e. file key) in order to obtain/recover the TEK, and encrypted LKH keys (i.e. file key), where the obtained/recovered TEK is used by the second terminal/node to perform decryption of data received/obtained, as disclosed in [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK, i.e. based on TEK, to encrypt data and multicast this to the other participants.”, where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, indicating that the encrypted data has to have passed through the intermediary node).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).

Regarding claim 10 (Original), McCallum in view of Ahonen teaches the information processing method of claim 9, further comprising: 
McCallum does not teach the below limitation.
Ahonen discloses obtaining a key ciphertext of an encrypted file from the server, wherein the key ciphertext is based on an encryption of a key of the encrypted file based on the authorization key of the current version (Ahonen [0041] “the GC generates a TEK, LKH keys, and KEKs for each of the authenticated terminals. The GC then constructs a message (as illustrated in FIG. 2) for each terminal including the KEK encrypted (i.e. authorization key) with the public key of the terminal, and the TEK and LKH keys in the chain to that terminal encrypted with the KEK. The messages are unicast to respective receivers in the subnet”, where the received encrypted TEK and LKH keys, i.e. key ciphertext, are encrypted with KEK, i.e. authorization key of the current version); 
decrypting the key ciphertext based on the authorization key of the current version to obtain the key of the encrypted file; and decrypting, based on the key of the encrypted file, the encrypted file stored on the server (Ahonen [0041] “Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys.”, where recovering the TEK is performed by first decrypting and recovering the KEK, utilizing the terminal private key associated with the public key that was used to encrypt the KEK, as disclosed in [0007, 0010, 0017], where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK to encrypt data and multicast this to the other participants.”).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).

Regarding claim 12 (Currently Amended), McCallum teaches a first terminal device (McCallum Abstract discloses information processing method by computing device 102 illustrated, i.e. first terminal, in Figure 2) comprising: 
a processor configured to encrypt an authorization key of a current version based on a public key of a second terminal device; and [[to]] obtain a first authorization key ciphertext corresponding to the second terminal device in response to encrypting the authorization key of the current version (McCallum [0016] “…to further protect the KEK (i.e. authorization key of a current version) from unauthorized access, processing device 120 may further execute an asymmetric-key encryption module 124 to encrypt the KEK into an encrypted KEK (E-KEK) 116 (i.e. first authorization key ciphertext) using a public key 118 of an asymmetric key pair, whereas the asymmetric-key encryption module 124 may implement an asymmetric-key encryption algorithm that uses the public key to encrypt the KEK into E-KEK 116 and uses a private key 128 of the asymmetric key pair to decrypt E-KEK 116 to restore the KEK. In one implementation, processing device 120 may store E-KEK 116 on data drive 110. In contrast, as shown in FIG. 1, computing device 102 and processing device 104 do not have access to private key 128. Instead, private key 128 is stored separately in a secured storage device 126 accessible by decryption server 106 (i.e. second terminal device).”, where the asymmetric key pair, public key and associated private key, are only accessible by the secured storage device 126 accessible by decryption server 10 corresponding to the second terminal device, where the generated KEK in Figure 2 corresponds to the current version, Figure 5 illustrates processor to perform the above method, as disclosed in [0011], where the encrypted KEK (E-KEK) 116 (i.e. first authorization key ciphertext), encrypted with a public key corresponding to the decryption server’s private key, is obtained after (in response to) encrypting KEK (i.e. authorization key of the current version)); and 
a transmitter coupled to the processor and configured to send, to the second terminal device [through a server], the first authorization key ciphertext, that is configured to enable the [second] terminal device to decrypt, based on a private key of the second terminal device, the first authorization key ciphertext to obtain the authorization key of the current version (McCallum [0020] “The requestor can be the computing device 102 or a user account that has the permission to access encrypted data 112. Processing device 112 may retrieve E-KEK 116 from data drive 110 and then transmit, via network 108 to decryption server 106, a decryption request. In one implementation, the E-KEK 116 may be volume-specific, i.e., the E-KEK is associated with a volume in data drive 110, whereas the data in the volume is encrypted with a key encrypted by the E-KEK. The decryption request may include the identifier of the requestor and E-KEK 116, requesting decryption server 106 to perform a decryption service on E-KEK 116.”,  Figure 2 illustrates sending request to decryption server 106 including the E-KEK 116 corresponding to the first authorization key ciphertext, [0021] “In response to receiving the decryption request, the second processing device of decryption server 106 may retrieve private key 128 from storage 126, whereas private key 128 may be used to decrypt E-KEK 116 that is encrypted using public key 118…Using the private key 128, the second processing device of decryption server 106 may execute asymmetric-key decryption module 130 to decrypt E-KEK 116 to produce the KEK and transmit the produced KEK to computing device 102.”, where the transmission and reception performed by computing device 102 and decryption server 106 illustrated in Figure 2, indicate that the computing device 102 and the decryption server comprise a transmitter and a receiver), 
McCallum discloses the aforementioned limitations, where the decryption server 106, i.e. second terminal, receives the encrypted KEK, i.e. authorization key ciphertext, and performs the decryption of the KEK, however, McCallum does not disclose sending the encrypted KEK through a server, to the second terminal to decrypt the encrypted KEK and to obtain by the decryption server the file key to decrypt encrypted data from file received from the server. 
Ahonen discloses second terminal device through a server, the first authorization key ciphertext, that is configured to enable the second terminal device to decrypt, based on a private key of the second terminal device, the first authorization key ciphertext to obtain the authorization key of the current version (Ahonen [0041] “the GC generates a TEK, LKH keys, and KEKs for each of the authenticated terminals. The GC then constructs a message (as illustrated in FIG. 2) for each terminal including the KEK encrypted (i.e. authorization key) with the public key of the terminal, and the TEK and LKH keys in the chain to that terminal encrypted with the KEK. The messages are unicast to respective receivers in the subnet. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys.”, where recovering the TEK is performed by first decrypting and recovering the KEK, utilizing the terminal private key associated with the public key that was used to encrypt the KEK, as disclosed in [0007, 0010, 0017], where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK to encrypt data and multicast this to the other participants.”),
Ahonen further discloses to obtain a file key from a server based on the authorization key of the current version, and perform a file decryption of an encrypted file on the server based on the file key (Ahonen discloses in [0041] the GC distributing to a second terminal/node: KEKs (i.e. authorization key of the current version), encrypted with public key associated with a second terminal, and TEK, and encrypted LKH keys (i.e. file key), encrypted with KEK, such that the second terminal decrypts the encrypted KEK using the private key of the second terminal in order to obtain KEK, (i.e. authorization key of the current version), and in turn, decrypt the encrypted TEK, and encrypted LKH keys (i.e. file key) in order to obtain/recover the TEK, and encrypted LKH keys (i.e. file key), where the obtained/recovered TEK is used by the second terminal/node to perform decryption of data received/obtained, as disclosed in [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK, i.e. based on TEK, to encrypt data and multicast this to the other participants.”, where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, indicating that the encrypted data has to have passed through the intermediary node).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).

Regarding claim 13 (Currently Amended), the first terminal device of claim 12, wherein the processor is further configured to encrypt a key of an encrypted file based on the authorization key of the current version to obtain a key ciphertext of the encrypted file (McCallum [0018] “As shown in FIG. 1, computing device 102 may perform encryption of DEK using a key encryption key (KEK) to generate an encrypted DEK (E-DEK)  (i.e. key ciphertext) and perform encryption of KEK using public key 118 of an asymmetric encryption key pair.”)[[;]], and 
wherein the transmitter is further configured to send the key ciphertext to the server (McCallum Figure 2 [0026] “[0026] At 206, processing device 120 may execute symmetric-key encryption/decryption module 122 to encrypt the DEK using the previously-generated KEK to generate encrypted DEK (E-DEK) 114 and store the generated E-DEK 114 on data drive 110.”, where the data drive 110 is part of the data server 104 in Figure 1), 
wherein the key ciphertext is configured to enable [[each]] the [second] terminal device to: obtain the key ciphertext from the server[[,]]; decrypt the key ciphertext that is obtained based on the authorization key of the current version to obtain the key of the encrypted file[[,]]; and decrypt, based on the key of the encrypted file, the encrypted file stored on the server (McCallum discloses in [0028-0030] enabling the computing device 102 to obtain the E-DEK 114, i.e. key ciphertext and E-KEK 116, i.e. authorization key ciphertext from the data server 104, decrypt the E-DEK 114 based on the KEK to obtain DEK and decrypt the encrypted data 112 stored on the server 107 based on the DEK, [ as further illustrated in Figure 2), 

McCallum discloses the first terminal device to obtain the encrypted DEK from the data server to be able to decrypt the encrypted DEK and obtain DEK and accordingly decrypt the encrypted data/file using the DEK, however, McCallum does not disclose the second terminal obtaining the encrypted DEK to be able to decrypt it and then use the DEK to decrypt the decrypted data. Emphasis in Italic.
Ahonen discloses enable the second terminal device to: obtain the key ciphertext from the server[[,]]; decrypt the key ciphertext that is obtained based on the authorization key of the current version to obtain the key of the encrypted file[[,]]; and decrypt, based on the key of the encrypted file, the encrypted file stored on the server (Ahonen discloses in [0041] the GC distributing to a second terminal/node: KEKs (i.e. authorization key of the current version), encrypted with public key associated with a second terminal, and TEK, and encrypted LKH keys (i.e. file key), encrypted with KEK, such that the second terminal decrypts the encrypted KEK using the private key of the second terminal in order to obtain KEK, (i.e. authorization key of the current version), and in turn, decrypt the encrypted TEK, and encrypted LKH keys (i.e. file key) in order to obtain/recover the TEK, and encrypted LKH keys (i.e. file key), where the obtained/recovered TEK is used by the second terminal/node to perform decryption of data received/obtained, as disclosed in [0036] “The role of the GC is to generate the KEKs, TEK, and a suitable set of LKH keys and to distribute these to other members of the group. Any one of the participants in the teleconference may use the (current) TEK to decrypt received data encrypted with the TEK, and may use the TEK, i.e. based on TEK, to encrypt data and multicast this to the other participants.”, where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server, indicating that the encrypted data has to have passed through the intermediary node).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).

Claims 3, 11 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over McCallum (US 20170149564 A1), hereinafter McCallum in view of Ahonen et. al. (US 20060168446 A1), hereinafter Ahonen, and further in view of Zadeh (US 20180287793 A1), hereinafter Zadeh.

Regarding claim 3 (Original), McCallum in view of Ahonen teaches the information processing method of claim 1, further comprising: 
McCallum in view of Ahonen disclose the aforementioned limitations, where a plurality, i.e. first, second, third, etc., of devices/terminals interact together, through a server, to realize the steps recited in claim 1, however, McCallum in view of Ahonen do not disclose the below limitations. Emphasis in italic.
Zadeh discloses determining a random number of a preset quantity of bits; and sending the random number to the second terminal device to enable the second terminal device to determine the public key and the private key of the second terminal device (Zadeh discloses fixed number of random bits generated by the random number generator sent to the cryptographic engine to generate public/private key pair from the fixed number of random bits, [0046] “…a fixed number of random bits generated by the random number generator may be used by the cryptographic engine as symmetric key bits or used as a random seed to generate a public/private key pair in a secure processor.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen to incorporate the teaching of Zadeh to utilize the above feature, with the motivation of generating cryptographic keys that are less likely to guess, as recognized by (Zadeh [0003]).

Claims 11 (Original) and 20 (New) are directed to a method and device associated with the method claimed in claim 3. Claims 11 and 20 are similar in scope to claim 3, and are therefore rejected with the same rationale and motivation as claim 3. 

Claims 4, 6 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over McCallum (US 20170149564 A1), hereinafter McCallum in view of Ahonen et. al. (US 20060168446 A1), hereinafter Ahonen, and further in view of Fukuda (US 20010042046 A1), hereinafter Fukuda.

Regarding claim 4 (Original), McCallum in view of Ahonen the information processing method of claim 1, further comprising: 
encrypting the authorization key of the next version based on a public key of a [third] terminal device to obtain a second authorization key ciphertext corresponding to the [third] terminal device (McCallum discloses performing the steps of generating a KEK, as illustrated in Figure 2(202), on more than one computing device, indicating versions of authorization keys pertaining to different client devices, [0018] “…decryption server 106 is implemented with an asymmetric-key decryption module 130 to provide decryption services to one or more computing devices including computing device 102”, where the encryption of a newly generated, i.e. next version, authorization key produces second authorization key ciphertext, where the encryption is performed by a public key of decryption server 106 as illustrated in Figure 2 and disclosed in [0021], where different computing devices generate different KEK); and 
sending, to the [third] terminal device [through the server], the second authorization key ciphertext to enable the [third] terminal device to decrypt, based on a private key of the third terminal device, the second authorization key ciphertext to obtain the authorization key of the next version (McCallum discloses in [0021-0021] sending the encrypted KEK that is newly generated to the decryption server 106 to decrypted with its corresponding private key, which is searched, based on an identifier to match its public key pair associated with the computing device, as disclosed in [0017] “decryption server 106 may search for private key 128 stored in storage device 126 in view of the identifier that is associated with a computing device or a user account.”), 
obtain the file key from the server based on the authorization key of the next version, and perform the file decryption based on the file key (McCallum [0022] “Responsive to receiving the KEK from decryption server 106, processing device 120 of computing device 102 may execute symmetric-key encryption/decryption module 122 to decrypt E-DEK using received KEK to produce the DEK…In response to producing the DEK, processing device 120 of computing device 102 may execute symmetric-key encryption/decryption module 122 to decrypt encrypted data 112 using the DEK to produce the original data.”, where the Data Encryption key (DEK) corresponds to the file/data key, and the stored data corresponds to stored file, where the E-DEK 114 is obtained from the data server 104, i.e. server, as illustrated in Figure 1 based on its decryption by the KEK, i.e. authorization key).
  McCallum discloses encrypting the KEK, i.e. authorization key based on public key of the decrypting server, i.e. a second terminal, to obtain encrypted KEK corresponding the decryption server, and sending the encrypted KEK to the decryption server and decrypting the encrypted KEK by the decryption server, i.e. second terminal. However, McCallum does not disclose the below limitations where there are more than decryption servers, i.e. second, third terminals, etc. for performing the above steps. Emphasis in Italic.
 Ahonen discloses encrypting the authorization key of the next version based on a public key of a third terminal device to obtain a second authorization key ciphertext corresponding to the third terminal device (Ahonen disclose [0041] “the GC generates a TEK, LKH keys, and KEKs for each of the authenticated terminals. The GC then constructs a message (as illustrated in FIG. 2) for each terminal including the KEK encrypted (i.e. authorization key) with the public key of the terminal, and the TEK and LKH keys in the chain to that terminal encrypted with the KEK. ”, where the process is performed on multiple subscribing terminal, i.e. second, third, etc. terminals as illustrated in Figures 1, 3)
sending, to the third terminal device through the server, the second authorization key ciphertext to enable the third terminal device to decrypt, based on a private key of the third terminal device, the second authorization key ciphertext to obtain the authorization key of the next version (Ahonen [0041] “The messages are unicast to respective receivers in the subnet. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys.”, where recovering the TEK is performed by first decrypting and recovering  the KEK as disclosed in [0007, 0010, 0017, where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).
While McCallum in view of Ahonen disclose the above mentioned limitations, where McCallum discloses generating different versions of KEK, i.e. authorization keys, for different computing devices/terminals, Ahonen discloses the encryption of KEK based on public key of a third computing device/terminal, and sending to a third terminal through intermediaries the encrypted KEK for decryption utilizing the private key of the third computing device/terminal to obtain the KEK. However, McCallum in view of Ahonen do not disclose that the KEK, authorization key, is encrypted utilizing the private key of the transmitting computing device, in order to produce an KEK with a private key of the transmitting device, i.e. KEK of a next version.
Fukuda discloses encrypting the authorization key of the current version based on a private key or a secret trapdoor parameter of the first terminal device to obtain an authorization key of a next version (Fukuda [0029] “…using the private key 131 for the authentication facility 121, the authentication facility 121 encrypts the private key 133 and public key 134 of the server 101 and the private key 135 and public key 136 of the client 111 to create, respectively, an encrypted private key 143 and an encrypted public key 144 for the server 101 and an encrypted private key 145 and an encrypted public key 146 for the client 111.”, as illustrates in Figure 1 an authentiction facility 121, utilize its private key 131 to encrypt the private and public keys of clients and servers and transmit the encrypted private key 143 and public key 144 of the server to the server, and the encrypted private key 145 and public key 146 of the client to the client as disclosed in e.g. [0030, 0037, 0041], where the encrypted private and public keys of the server and clients, respectively, are construed as authorization keys of the next version).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen to incorporate the teaching of Fukuda to utilize the above feature, with the motivation of protecting data using keys managed by authentication facility, as recognized by (Fukuda [0073]).

Claim 14 (Original) is directed to a method and associated with the method claimed in claim 4. Claim 14 is similar in scope to claim 4, and is therefore rejected with the same rationale and motivation as claim 4.

Regarding claim 6 (Currently Amended), McCallum in view of Ahonen and Fukuda teaches the information processing method of claim 4, 
obtain the file key from the server based on the authorization key of the current version, and perform the file decryption based on the file key (McCallum [0022] “Responsive to receiving the KEK from decryption server 106, processing device 120 of computing device 102 may execute symmetric-key encryption/decryption module 122 to decrypt E-DEK using received KEK to produce the DEK…In response to producing the DEK, processing device 120 of computing device 102 may execute symmetric-key encryption/decryption module 122 to decrypt encrypted data 112 using the DEK to produce the original data.”, where the Data Encryption key (DEK) corresponds to the file/data key, and the stored data corresponds to stored file, where the E-DEK 114 is obtained from the data server 104, i.e. server, as illustrated in Figure 1 based on its decryption by the KEK, i.e. authorization key).    
McCallum does not explicitly disclose the third terminal.
Ahonen discloses the third terminal as described in claim 4. Rationale and motivation in claim 4 apply.   
McCallum in view of Ahonen discloses the aforementioned limitations, however McCallum in view of Ahonen do not disclose the below limitations. Emphasis in italic.
Fukuda discloses wherein the authorization key of the next version s [[each]] the third terminal device to decrypt the authorization key of the next version based on a public key or a public trapdoor parameter of the first terminal device to obtain the authorization key of the current version (Fukuda discloses that the client and server illustrated in Figure 1, corresponding to third terminal, enabled to receive their respective encrypted private and public keys 143-146, corresponding to authorization key of the next version, that was previously  encrypted by the private key of the authentication facility 121, i.e. first terminal, to be decrypted by the public key of the authentication facility 121, to obtain the private and public keys 133-136, [0036] “First, the client 111 accepts the public key 132 for the authentication facility 121 from the authentication facility 121(step S301). The public key 132 is utilized in the decryption of an encrypted key that has been encrypted by the private key 131 of the authentication facility 121.”, [0037] “Next, the client 111 accepts the encrypted public key 146 for the client 111 from the authentication facility 121, decrypts the encrypted public key 146 using the public key 132 for the authentication facility 121 acquired at step S301 and obtains the public key 136 for the client 111 (step S302).” Similarly for the server in [0047]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen to incorporate the teaching of Fukuda to utilize the above feature, with the motivation of protecting data using keys managed by authentication facility, as recognized by (Fukuda [0073]).

Claims 5 is rejected under 35 U.S.C. 103 as being unpatentable over McCallum (US 20170149564 A1), hereinafter McCallum in view of Ahonen et. al. (US 20060168446 A1), hereinafter Ahonen, Fukuda (US 20010042046 A1), hereinafter Fukuda and further in view of Rozman (US 20160337124 A1), hereinafter Rozman.

Regarding claim 5 (Currently Amended), McCallum in view of Ahonen and Fukuda the information processing method of claim 4, 
McCallum does not disclose the below limitations.
Ahonen discloses wherein the third terminal device is a destination terminal device for file sharing [after the first terminal device revokes the second terminal device] (Ahonen discloses sharing data between nodes, [0019] “e.g. the group controller, multicasts a stream of data to several other nodes.”, [0029] “Example of multicast/broadcast services include the distribution of streaming data to subscribers, e.g. audio, multimedia, etc., and teleconferencing (again, audio, multimedia, etc.).”). 
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes while distributing shared data between nodes, as recognized by (Ahonen [0006, 0019, 0029]).
 McCallum in view of Ahonen and Fukuda discloses the aforementioned limitations, where Ahonen further discloses key revocation based scheme, however, McCallum in view of Ahonen does not explicitly disclose the below limitation. Emphasis in italic.
Rozman discloses wherein the third terminal device is a destination terminal device for file sharing after the first terminal device revokes [[a]] the second terminal device (Rozman [0037] “…automatic revocation of all previous backups of a user upon creation of a new backup and may include automatic revocation of the old device once migration to a new device is complete.”, where after the revocation of the old device, the new device, i.e. third terminal, is used for sharing data by migrating all data to the new device).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen and Fukuda to incorporate the teaching of Rozman to utilize the above feature, with the motivation of revoking lost devices, and utilize new devices to replace the new device, as recognized by (Rozman [0037]).

Claims 7 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over McCallum (US 20170149564 A1), hereinafter McCallum in view of Ahonen et. al. (US 20060168446 A1), hereinafter Ahonen, Fukuda (US 20010042046 A1), hereinafter Fukuda and further in view of Zhang et. al. (US 20120155647 A1), hereinafter Zhang.

Regarding claim 7 (Currently Amended), McCallum in view of Ahonen and Fukuda teaches the information processing method of claim 6, 
McCallum does not disclose below limitations.
Ahonen discloses the communications between two nodes/terminals through intermediary nodes, i.e. server. Rationale and motivation applies in claim 1.
McCallum in view of Ahonen and Fukuda do not disclose the below limitations. Emphasis in italic.
Zhang discloses further comprising sending group owner change information to a target terminal device through the server, wherein the group owner change information s the target terminal device to encrypt the authorization key of the current version based on a private key or a secret trapdoor parameter of the target terminal device to obtain the authorization key of the next version (Zhang illustrates in Figure 5 (501-503, 505), sending to the client device 105 in Figure 1, i.e. target device, Unit Key Index (UKI), i.e. group owner change information, where the UKI enable the client device to encrypt the current unit key, i.e. authorization key of the current version, using a Unit Derivation Key (UDK), i.e. secret parameter/key, to produce/obtain new unit key, i.e. authorization key of the next version, [0065] “When the client device 105 detects the UKI in the received message 109 is different (e.g., greater, lesser, randomly changed) than the current UKI 201 saved in the storage 200, the client device 105 retrieves the UDK 203 to derive the new unit key. For example, the client device 105 uses the UDK 203 may encrypt the current unit key 202 according to a function and use the result to replace the current unit key 202. Also the new UKI is stored in storage 200 replacing the current UKI 201.”, where the UDK 203 is stored in the client device as illustrated in Figure 2 and disclosed in [0046] and [0043] “Generally, only the client device 105 stores the UDK.”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen and Fukuda to incorporate the teaching of Zhang to utilize the above feature, with the motivation of conveniently generating new key unit versions on client devices without transporting the device to the service center, as recognized by (Zhang [0003]).
 
Claim 15 (Original) is directed to a first terminal device associated with the method claimed in claim 7. Claim 15 is similar in scope to claim 7, and is therefore rejected with the same rationale and motivation as claim 7.

Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over McCallum (US 20170149564 A1), hereinafter McCallum in view of Ahonen et. al. (US 20060168446 A1), hereinafter Ahonen, and further in view of Roth (US 10467422 B1), hereinafter Roth.
Regarding claim 8 (Currently Amended), McCallum in view of Ahonen teaches the information processing method of claim 1, further comprising: 
encrypting the authorization key of the next version based on a public key of a [fourth] terminal device to obtain a third authorization key ciphertext corresponding to the [fourth] terminal device (McCallum discloses performing the steps of generating a KEK, as illustrated in Figure 2(202), on more than one computing device, indicating versions of authorization keys pertaining to different client devices, [0018] “…decryption server 106 is implemented with an asymmetric-key decryption module 130 to provide decryption services to one or more computing devices including computing device 102”, where the encryption of a newly generated, i.e. next version, authorization key produces second authorization key ciphertext, where the encryption is performed by a public key of decryption server 106 as illustrated in Figure 2 and disclosed in [0021], where different computing devices generate different KEK); and 
sending, to the [fourth] terminal device [through the server], the third authorization key ciphertext that enables the [fourth] terminal device to decrypt, based on a private key of the fourth terminal device, the third authorization key ciphertext to obtain the authorization key of the next version (McCallum discloses in [0021-0021] sending the encrypted KEK that is newly generated to the decryption server 106 to decrypted with its corresponding private key, which is searched, based on an identifier to match its public key pair associated with the computing device, as disclosed in [0017] “decryption server 106 may search for private key 128 stored in storage device 126 in view of the identifier that is associated with a computing device or a user account.”), 
to obtain the file key from the server based on the authorization key of the next version, and to perform the file decryption based on the file key (McCallum [0022] “Responsive to receiving the KEK from decryption server 106, processing device 120 of computing device 102 may execute symmetric-key encryption/decryption module 122 to decrypt E-DEK using received KEK to produce the DEK…In response to producing the DEK, processing device 120 of computing device 102 may execute symmetric-key encryption/decryption module 122 to decrypt encrypted data 112 using the DEK to produce the original data.”, where the Data Encryption key (DEK) corresponds to the file/data key, and the stored data corresponds to stored file, where the E-DEK 114 is obtained from the data server 104, i.e. server, as illustrated in Figure 1 based on its decryption by the KEK, i.e. authorization key).
McCallum discloses encrypting the KEK, i.e. authorization key based on public key of the decrypting server, i.e. a second terminal, to obtain encrypted KEK corresponding the decryption server, and sending the encrypted KEK to the decryption server and decrypting the encrypted KEK by the decryption server, i.e. second terminal. However, McCallum does not disclose the below limitations where there are more than decryption servers, i.e. second, third, fourth terminals, etc. for performing the above steps. Emphasis in Italic.
Ahonen discloses encrypting the authorization key of the next version based on a public key of a fourth terminal device to obtain a third authorization key ciphertext corresponding to the fourth terminal device (Ahonen disclose [0041] “the GC generates a TEK, LKH keys, and KEKs for each of the authenticated terminals. The GC then constructs a message (as illustrated in FIG. 2) for each terminal including the KEK encrypted (i.e. authorization key) with the public key of the terminal, and the TEK and LKH keys in the chain to that terminal encrypted with the KEK. ”, where the process is performed on multiple subscribing terminal, i.e. second, third, fourth, etc. terminals as illustrated in Figures 1,3),
sending, to the fourth terminal device through the server, the third authorization key ciphertext is configured to enable the fourth terminal device to decrypt, based on a private key of the fourth terminal device, the third authorization key ciphertext to obtain the authorization key of the next version
(Ahonen [0041] “The messages are unicast to respective receivers in the subnet. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys. Each terminal can decrypt its own message in order to recover the TEK and the appropriate LKH keys.”, where recovering the TEK is performed by first decrypting and recovering  the KEK as disclosed in [0007, 0010, 0017, where the message to e.g. terminal M1 in Figure 1 is sent through intermediary nodes, i.e. through server).
Therefore, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum to incorporate the teaching of Ahonen to utilize the above feature, with the motivation of maintain secure connection between controller and receiving nodes, as recognized by (Ahonen [0006]).
While McCallum in view of Ahonen disclose the above mentioned limitations, where McCallum discloses generating different versions of KEK, i.e. authorization keys, for different computing devices/terminals, Ahonen discloses the encryption of KEK based on public key of a third computing device/terminal, and sending to a third terminal through intermediaries the encrypted KEK for decryption utilizing the private key of the third computing device/terminal to obtain the KEK. However, McCallum in view of Ahonen do not disclose the below limitation.
Roth discloses determining, from a preset first database, an authorization key of a next version of the authorization key of the current version, wherein the preset first database comprises authorization keys of a plurality of versions of the first terminal device (Roth illustrates in Figure 28 cryptographic key versions stored in a database, Col. 45 line 32-48 “FIG. 28 shows an illustrative example representation of a database used to maintain track of key usage. The database may be maintained by an appropriate system, such as a system performing the process 2700. In the database illustrated, columns correspond to, respectively, KeyIDs, key versions, usability, and a counter. The KeyIDs and Key Versions may be as described above. A value in the usability column may indicate whether the key is retired or active (or whether the key has another state, should such other states be supported by various implementations of the present disclosure). As illustrated in FIG. 28, the database has a row for each version of a key identified by a KeyID, including all retired versions and the active version. It should be noted, however, that a database may lack all versions of a key. For instance, keys may be permanently removed from storage for various security reasons. Removal may be, for instance, pursuant to a customer request or enforcement of a policy.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen to incorporate the teaching of Roth to utilize the above feature, with the motivation of identifying key usage and enable key rotation to prevent key cryptographic attacks, as recognized by (Roth Abstract).

Claim 16 (Original) is directed to a method and associated with the method claimed in claim 8. Claim 16 is similar in scope to claim 8, and is therefore rejected with the same rationale and motivation as claim 8.

Claims 17 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over McCallum (US 20170149564 A1), hereinafter McCallum in view of Ahonen et. al. (US 20060168446 A1), hereinafter Ahonen, Roth (US 10467422 B1), hereinafter Roth, and further in view of Kim et. al. (US 20110150217 A1), hereinafter Kim.

Regarding claim 17 (Currently Amended), McCallum in view of Ahonen, Roth teaches the first terminal device of claim 16, 
McCallum in view of Ahonen, Roth do not disclose the below limitations.
Kim discloses wherein the processor is further configured to obtain the authorization keys of the plurality of versions of the terminal device based on a preset first random number using a preset first one-way trapdoor function (Kim [0038] “For example, if the random encryption key is generated randomly, a first chain encryption key is generated by applying the Hash function to the random encryption key and a second chain encryption key is generated by applying the Hash function to the first chain encryption key. In this case, the random encryption key may be a random number or may be an encryption key that is randomly extracted from a plurality of encryption keys stored in a database. The Hash function may be a Message-Digest algorithm 5 (MD5), a Secure Hash Algorithm-1 (SHA-1), or a Secure Hash Algorithm-2 (SHA-2).”, where Kim discloses obtaining versions of keys, authorization keys, in a chain based on a random encryption key that is initially generated randomly, corresponding to preset first random number and a hash function, corresponding to the one-way trapdoor function, consistent with the definition of the one-way trapdoor function in the instant application in [0198] “The preset first one-way trapdoor function may be a hash chain function, which is also referred to as a hash function”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen and Roth to incorporate the teaching of Kim to utilize the above feature, with the motivation of encrypting different layers with different sequentially generated encryption keys, as recognized by (Kim [0037-0038]), which improves security.

Regarding claim 18 (Currently Amended), McCallum in view of Ahonen, Roth and Kim teaches the first terminal device of claim 17, wherein the processor is further configured to: 
McCallum in view of Ahonen, Roth do not disclose the below limitations.
Kim discloses set the preset first random number as an authorization key of an nth version, wherein n is an integer greater than or equal to 2; obtain an authorization key of an (n-1)th version based on the authorization key of the nth version using the preset first one-way trapdoor function; (Kim [0071] “Referring to FIG. 5, when the decryption key K.sub.R and a video content package 510 are received, the encrypted second enhancement layer 516 is decrypted using the decryption key K.sub.R, an encrypted first enhancement layer 514 is decrypted using a first chain decryption key Kc1 generated by applying a Hash function on the decryption key K.sub.R, and an encrypted basement layer 512 is decrypted using a second chain decryption key Kc2 generated by applying the Hash function on the first chain decryption key Kc1.”, [0013, 0038], e.g. [0038] “For example, if the random encryption key is generated randomly, a first chain encryption key is generated by applying the Hash function to the random encryption key and a second chain encryption key is generated by applying the Hash function to the first chain encryption key. In this case, the random encryption key may be a random number or may be an encryption key that is randomly extracted from a plurality of encryption keys stored in a database. The Hash function may be a Message-Digest algorithm 5 (MD5), a Secure Hash Algorithm-1 (SHA-1), or a Secure Hash Algorithm-2 (SHA-2).”, where if n=2, then the first chain encryption key, corresponding to the 1st version is generated by applying a hash function to the   random encryption key, corresponding to the nth version, where the hash function corresponds to the one-way trapdoor function, consistent with the definition of the one-way trapdoor function in the instant application in [0198] “The preset first one-way trapdoor function may be a hash chain function, which is also referred to as a hash function”).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen and Roth to incorporate the teaching of Kim to utilize the above feature, with the motivation of encrypting different layers with different sequentially generated encryption keys, as recognized by (Kim [0037-0038]), which improves security.

Regarding claim 19 (Original), McCallum in view of Ahonen, Roth and Kim teaches the first terminal device of claim 18, 
McCallum does not disclose intermediary server, i.e. through a server.
Ahonen discloses the communications between two nodes/terminals through intermediary nodes, i.e. server. Rationale and motivation applies in claim 12.
McCallum in view of Ahonen, Roth do not disclose the below limitations.
Kim discloses wherein the transmitter is further configured to send group owner change information to a target terminal device through the server, wherein the group owner change information enables the target terminal device to obtain a second database based on a preset second random number using a preset second one-way trapdoor function, and wherein the second database comprises authorization keys of a plurality of versions of the second terminal device (Kim [0071] discloses, as illustrated in Figure 5, receiving, by a transmitting device, encrypted layers and a decryption key K.sub.R, corresponding to the group owner change information, which enables the received device, target device, to encrypt the K.sub.R, [0038] “For example, if the random encryption key is generated randomly, a first chain encryption key is generated by applying the Hash function to the random encryption key and a second chain encryption key is generated by applying the Hash function to the first chain encryption key. In this case, the random encryption key may be a random number or may be an encryption key that is randomly extracted from a plurality of encryption keys stored in a database. The Hash function may be a Message-Digest algorithm 5 (MD5), a Secure Hash Algorithm-1 (SHA-1), or a Secure Hash Algorithm-2 (SHA-2).”, if n=2, then the first chain encryption key, corresponding to the 1st version is generated by applying a hash function to the   random encryption key, corresponding to the nth version, where the hash function corresponds to the one-way trapdoor function, consistent with the definition of the one-way trapdoor function in the instant application in [0198] “The preset first one-way trapdoor function may be a hash chain function, which is also referred to as a hash function”, where the chain of encryption keys, plurality of versions, are stored in a memory with assigned chain key associated with a particular layer as disclosed in [0013-0014, 0045], i.e. database, where the chained encryption keys are based on random number and hash function).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified McCallum in view of Ahonen and Roth to incorporate the teaching of Kim to utilize the above feature, with the motivation of encrypting different layers with different sequentially generated encryption keys, as recognized by (Kim [0037-0038]), which improves security.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BASSAM A NOAMAN/           Examiner, Art Unit 2497                                                                                                                                                                                             /ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497