DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claims 1- objected to because of the following informalities:  
Claim 1 claims: “…acquire at least one candidate ID information from the memory based on the first ID information based on receiving first ID information from the external device…”. This language is confusing and convoluted, the examiner would highly recommend using: “…acquire at least one candidate ID information, wherein said at least one candidate ID information is selected from the plurality of stored ID information in the memory”. It is clear from the context that the stored ID information is generated in the previous step and received from the external electronic device. Alternatively, the applicant may want to look at claim 12 to amend the claims to overcome this objection. 
Claims 2-8 depend on objected claim 1 and do not overcome the objection of claim 1 and are therefore equally objected.
Appropriate correction is required.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation "a processor configured to control the electronic device to..." in line 4, and then later in line 9 recites: “the processor is configured to control the electronic device to”.  There is insufficient antecedent basis for this limitation in the claim. It is ambiguous as to the configuration of the single “processor” defined in claim 1, as it is not clear how the processor is configured. The applicant may simply overcome this rejection by including the word “further” in the recitation of line 9, e.g.: “the processor is further configured to control the electronic device to”.
Claims 2-8 depend on rejected claim 1 and do not overcome the rejection of claim 1 and are therefore equally rejected.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-19 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. PGPub. No. 2015/0278495 (hereinafter "Yu"), and further in view of U.S. PGPub. No. 2014/0185794 (hereinafter "Yasuda").

Regarding claim 1/9/12:
Yu discloses:
An electronic device (Yu, ¶45: “computer system 400 includes”) comprising:
a communication interface including circuitry (Yu, ¶45: “a network interface device 420”),
a memory (Yu, ¶45: “a main memory 404 and a static memory 406”); and
a processor configured (Yu, ¶45: “at least one processor 402 (e.g., a central processing unit (CPU)”) to control the electronic device to: store ID information and password information in the memory based on receiving the ID information generated by performing a first encryption process on biometric information (Yu discloses how a MD5SUM cryptographic hash is taken from the first biometric identifier and stored in a hash table, see ¶19: “…The biometric password (e.g., sequence of fingerprints or fingerprint templates) may be stored in a hash table indexed by a checksum hash. The checksum hash may be any type of cryptographic hash and in an example embodiment, the checksum hash is MD5SUM. The checksum may be calculated by the first biometric identifier in the sequence of biometric identifiers.”) and the password information generated by Yu discloses how a sequence of biometric identifiers is stored in the hash table, and the hash table is encrypted, see ¶26: “…the secret sequence of biometric identifiers is stored in the hash table…the hash table is encrypted.”), wherein the processor is configured to control the electronic device to:
acquire at least one candidate ID information from the memory based on the first ID information based on receiving first ID information and first password information from the external electronic device (Yu discloses in ¶30-31 how at “…202, an input sequence of biometric identifiers is read at a biometric scanner coupled to a computing device”, and how then the database is accessed to acquire the sequence of biometric identifiers based on the hash of the first identifier: “…identifying the first biometric identifier from the input sequence of biometric identifiers; calculating a hash key based on the first biometric identifier…”) and compare password information corresponding to each of the acquired at least one candidate ID information with the first password information to identify one of the candidate ID information (Yu discloses in ¶31 how the cryptographic hash of the first biometric identifier is used to retrieve the correct entry in the biometric identifier database: “…using the hash key to identify the secret sequence of biometric identifiers in a hash table”), and
perform user authentication based on the identified candidate ID information and corresponding password information (Yu discloses in ¶34-35 how the previously identified biometric identifiers from the hash table are compared with the biometric input from the user: “the input sequence of biometric identifiers is compared to the secret sequence of biometric identifiers to obtain a result…based on the result, access is allowed to a resource provided by the computing device.”).

Yu does not disclose the following limitation that is taught by Yasuda: 
the password information generated by performing a second encryption process on the biometric information (see Yasuda, ¶87, which teaches how biometric information (=vectorized characteristic of a living body of an authorized user) is homomorphically encrypted and then transmitted and stored on a registration server, e.g.: “…the vectorized characteristic quantity is homomorphically encrypted. Moreover, the registration sensor transmits the homomorphically encrypted characteristic quantity to a calculation server, and registers the characteristic quantity to a database of the calculation server as encrypted registration data”). 
Thus, one of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Yu by encrypting the biometric identifier sequence using homomorphic encryption as disclosed in Yusuda and be motivated in doing so is obtained from the prior art itself in that “the living body information is important personal information, it is preferable to use encrypted information also at the time of authentication.” In other words, one of ordinary skill in the art will recognize the benefits of storing biometric data on another device in an encrypted fashion without permitting the other device from reading the biometric information. Homomorphic encryption permits comparison functions without the need of decrypting the biometric data on the other device. 

Regarding claim 2/13:
The combination Yu and Yasuda discloses:
The electronic device of claim 1, wherein the processor is configured to control the electronic device to:
acquire the at least one candidate ID information based on similarity between each ID information stored in the memory and the first ID information (see claim 1 above and Yu, ¶30-35), and
identify one of the candidate ID information based on similarity between each password information corresponding to the at least one candidate ID information and the first password information (see rejection of claim 1 above and Yu, ¶30-35). 

Regarding claim 3/14:
The combination Yu and Yasuda discloses:
The electronic device of claim 2,
wherein each of the ID information, the first ID information, the password information, and the first password information includes encrypted numerical information, and the processor is configured to control the electronic device to: identify ID information having a difference value from the first ID information less than or equal to a first threshold among ID information stored in the memory as the candidate ID, identify password information having a difference value from the first password information less than or equal to a second threshold among password information corresponding to the candidate ID information, and perform the user authentication based on the identified password information and corresponding candidate ID information (see Yasuda, ¶88: “…a matching sensor extracts a characteristic quantity of part of a living body of a user in order to authenticate whether or not the user is an authorized user, and vectorizes the characteristic quantity. Moreover, the vectorized characteristic quantity is homomorphically encrypted. Then, the homomorphically encrypted characteristic quantity is transmitted to the calculation server. The calculation server obtains a result of a secure distance calculation by calculating a secure distance between the homomorphically encrypted characteristic quantity that has been received and the registered encryption data. Then, the calculation server transmits the result of the secure distance calculation to an authentication station having a secret key of homorphic encryption. The authentication station decrypts the transmitted result of the secure distance calculation, and makes a comparison between a decryption result and a threshold value. If the decryption result is smaller than the threshold value, the user is authenticated as the authorized user. In this embodiment, a Hamming distance is used as a secure distance.”).

Regarding claim 4/15:
The combination Yu and Yasuda discloses:
The electronic device of claim 3, wherein the processor is configured to control the electronic device to:
perform the user authentication based on password information having difference value least among password information having a difference value from the first password information less than or equal to the second threshold and corresponding candidate ID information (see ¶88-89, as cited above in the rejection of claim 3).

Regarding claim 5/16:
The combination Yu and Yasuda discloses:
The electronic device of claim 3, wherein the first threshold is a value based on a Hamming distance, and the first threshold is a value greater than the second threshold (see Yasuda, ¶28: “a secure distance such as a Hamming distance” and ¶88 as cited in the rejection of claim 3).

Regarding claim 6/10/17:
The combination Yu and Yasuda discloses:
The electronic device of claim 1, wherein the first encryption is encryption based on a bio hash (see Yu, ¶19, 30-36, as disclosed in claim 1 above states that it is a MD5 hash), and the second encryption is encryption based on inner-product encryption (IPE) (see Yasuda, ¶94, discloses how the encryption is a multiplicative homomorphic encryption (i.e. inner-product encryption), i.e.: “As illustrated in FIG. 2B, the calculation server 30 includes an encryption multiplication calculator 304 for performing a multiplication operation of two homomorphically encrypted data, an encryption scalar calculator 306 for performing a scalar multiplication of homomorphically encrypted data, and an encryption addition calculator 308 for performing an addition operation of two homomorphically encrypted data although these components are not illustrated in FIG. 2A.”).

Regarding claim 7/11/18:
The combination Yu and Yasuda discloses:
The electronic device of claim 1, wherein the biometric information includes at least one of a fingerprint, iris, retina, vein, voice, or face shape (see Yu, ¶2: “Biometric identifiers include fingerprints, facial geometry, hand geometry, iris and retina shape, color, or size, and voice. Various sensors may be used to capture the person's characteristics or traits and match them to previously-obtained samples in order to identify or authenticate the person.”).

Regarding claim 8/19:
The combination Yu and Yasuda discloses:
The electronic device of claim 1, wherein the processor is configured to control the electronic device to:
acquire the at least one candidate ID information based on the first ID information without a decryption process for the received first ID information, and compare password information corresponding to each of the at least one candidate ID information with the first password information without a decryption process for the first password information (see Yu, only the hash is used to locate the correct entry in the table, ¶28-36).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Alexander Lagor whose telephone number is (571)270-5143. The examiner can normally be reached Monday thru Friday, 9:00 AM to 5:00 PM (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashokkumar B. Patel can be reached on (571) 272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ALEXANDER LAGOR/            Primary Examiner, Art Unit 2491