Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The present Office Action is responsive to communication received 4/4/2022. Claims 1-20 are pending.

Response to Arguments
Applicant’s arguments received on 4/4/2022 are respectfully considered and are addressed as follows:
Regarding the obviousness-type double patenting rejection, the filing and approval of a terminal disclaimer overcome the rejection; the rejection is withdrawn.
Regarding the rejection of claims 1-13 under 35 USC 101, the amendments to said claims overcome the rejection; the rejection is withdrawn.
Regarding the prior art rejection, Applicant argues: 
“Elbegbayan discloses sharing the "secret key" between the sending and receiving parties using an encryption algorithm (i.e., "[t]he sender and receiver can initially create an agreed upon the secret authentication key with any standard technique, such as authenticated Diffie-Hellman"). Unlike Elbegbayan, in the present application the key is pre-shared between the sending party and the one or more receiving parties on the home network before the sending party ever accesses the unsecured network. In this way, the pre-shared key is not agreed to by the parties over the unsecured network, and as such, other systems on the unsecured network do not know the pre-shared key used to separate the wheat from the chaff packets (e.g., even if the other systems know the algorithm that uses the pre-shared key).”
The examiner respectfully disagrees. Elbegbayan discloses the use of authenticated Diffie-Hellman as an example of a standard key sharing technique (4.2, 4th paragraph). The examiner recalls here how two entities A and B each independently compute the shared key under Diffie-Hellman (see attached excerpts from A. Menezes et al., “Handbook of Applied Cryptography”, CRC Press, 1996):
Given a prime number p, published.
A sends to B over an open channel $\alpha^x \bmod p$ (1)
B sends to A over the open channel $\alpha^y \bmod p$ (2), x and y being random numbers.
A computes the shared key $K = (\alpha^x)^y \bmod p$
B computes $K = (\alpha^y)^x \bmod p$
In authenticated Diffie-Hellman, cited by Elbegbayan as an example, messages (1) and (2) are signed with A’s and B’s private keys respectively (i.e., the message may not be encrypted), so that each party can confirm that the sender of the received message is who he/she is supposed to be.
The examiner notes the claims only recite “providing a pre-shared key ...” and do not specify whether or not the pre-sharing is based on encryption, nor do the claims recite “the key is pre-shared between the sending party and the one or more receiving parties on the home network before the sending party ever accesses the unsecured network”, as alleged by Applicant.
Applicant also points out that the cited prior art does not teach: “the first network is the home network of the sending system, and the second network is an unsecured network from which the sending system will be sending communications”. An updated search has been conducted and the new limitation is addressed below.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-9, 14-18 and 20 are rejected over NPL titled “Winnowing, a Document Fingerprinting Algorithm”, by Elbegbayan, 2005, 8 pages, hereinafter Elbegbayan, in view of US 6996712 to Perlman et al., hereinafter Perlman, and further in view of US 20050246769 to Bao et al., hereinafter Bao.
Regarding claims 1 (and substantially claims 14 and 20), Elbegbayan discloses:
A security system for securely receiving communications from outside of a first network, the system comprising: 
one or more memories having computer readable code stored thereon; and one or more processors operatively coupled to the one or more memories, wherein the one or more processors are configured to execute the computer readable code to (1.3, 4.2: use of software, algorithms, conventionally stored in memory, executed by processor): 
provide a pre-shared key to a sending system on the first network, wherein the sending system will communicate with one or more first systems, and wherein (p. 6, under 4.2: “there is a secret key shared by the sender and the receiver”):
the sending system creates a plurality of packets for a communication, wherein the plurality of packets comprise one or more wheat packets each having a wheat signature or one or more chaff packets each having a chaff signature (p. 6, under 4.2, on right: break up file in packets, each packet comprising a MAC; p. 7, on left: intermingle packets with chaff packets with bogus MACs);
receive, by a receiving system of the first network the plurality of packets for the communication, wherein the receiving system: determines a validated signature for each of the plurality of packets; identifies the one or more chaff packets when the one or more chaff packets have the chaff signature that fails to meet the validated signature and discarding the one or more chaff packets; identifies the one or more wheat packets when the one or more wheat packets have the wheat signature that meets the validated signature; and determines the communication from the sending system from the one or more wheat packets; wherein one or more second systems on the second network are prevented from determining the communication from the sending system without the validated signature and without identifying the one or more wheat packets or the one or more chaff packets from the plurality of packets (p. 6, on right: “The legitimate receiver, knowing the secret authentication key, can determine that a packet is authentic by recomputing the MAC and comparing it to the received MAC. If the comparison fails, the packet and its MAC are automatically discarded ...”).
Elbegbayan does not explicitly teach the sending system will communicate with one or more first systems on the first network from a second network and wherein the plurality of packets for the communication are sent from the second network to the one or more first systems on the first network. However, sending packets from one network to another is well known in the art, as evidenced by Perlman. Perlman in an analogous art discloses end stations sending packets to other stations over the communications networks (Fig. 1, col. 3:41-49: the group of end stations on each side of the communications network 16 constitutes a network, a sender end station from one network sends packets to a receiver end station at the other network). Therefore, Perlman discloses the limitations. It would have been obvious to a skilled artisan before the application was filed to have a sender from one network send packets to a receiver at the other network as claimed because it is common for entities from different networks to communicate, allowing widespread communications, as known in the art.
Elbegbayan in view of Perlman does not explicitly teach: wherein the first network is a home network and the second network is an unsecured network.
In an analogous art, Bao discloses a home network comprising a proxy server and mobile devices in communication with devices in a public, unsecure network (Fig. 1, [0033]). A device 60 in the public network sends a message to the home network, to set up a key protocol and establish a shared key ([0041][0042][0044], Fig. 2). It would have been obvious to a skilled artisan before the application was filed to have devices in a first network and a second network establish a shared key, wherein the first network is a home network and the second network is an unsecured network as taught by Bao because it would allow the devices to communicate securely using the shared key, which could be used for confidentiality of exchanged messages as well as for checking integrity of the messages (i.e., for computing MACs), enhancing security. Thus, it would have been obvious to a skilled artisan before the application was filed to receive, by a receiving system of the first network the plurality of packets for the communication, wherein the receiving system: determines a validated signature for each of the plurality of packets; identifies the one or more chaff packets ...; identifies the one or more wheat packets when the one or more wheat packets have the wheat signature ...; and determines the communication from the sending system from the one or more wheat packets ... because it would allow the device in the home network to authenticate packets without using encryption (see Elbegbayan, 4.2), a less expensive process.

Regarding claim 2 and substantially claim 15, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 1, wherein determining the validated signature comprises replicating a received signature for the plurality of packets, wherein the received signature is the chaff signature of the one or more chaff packets or the wheat signature of the one or more wheat packets (Elbegbayan, p. 6: receiver replicates the MAC and compares it with the one received; the chaff packets will fail the comparison).

Regarding claim 3 and substantially claim 16, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 2, wherein the received signature comprises a message authentication code (MAC), and wherein replicating the MAC comprises: using the pre-shared key and an algorithm to create the validated signature (Elbegbayan, p. 6: receiver replicates the MAC and compares it with the one received; the chaff packets will fail the comparison).

Regarding claim 4 and substantially claim 17, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 3, wherein the algorithm is a pre-shared algorithm that is shared with the sending system when the sending system is on the first network (Elbegbayan, p. 6: “There is a secret key shared by the sender and the receiver to authenticate the origin and contents of each packet”).

Regarding claim 5 and substantially claim 18, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 3, wherein replicating the received signature further comprises: using at least a portion of the plurality of packets to create the validated signature (Elbegbayan, p. 6: “the sender appends to each packet a “message authentication code” or MAC computed as a function of the packet contents and the secret authentication key, using some standard MAC algorithm”).

Regarding claim 6, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 1, wherein the sending system creates the wheat signature for the one or more wheat packets (Elbegbayan, p. 6, last paragraph on right: create good packets, with sequence number and MAC).

Regarding claim 7, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 1, wherein the wheat signature is created from the pre-shared key, an algorithm, and a portion of a wheat packet of the one or more wheat packets (Elbegbayan, p. 6, last paragraph on right: create good packets, with sequence number and MAC, and second paragraph under 4.2: MAC computed as a function of the packet contents and the authentication key, using a MAC algorithm).

Regarding claim 8, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 1, wherein the sending system creates the one or more chaff packets using imitation content and imitation signatures (Elbegbayan, p. 7: add chaff packets with fake content and bogus MACs).

Regarding claim 9, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 8, wherein the one or more chaff packets appear to be related to a legitimate communication (Elbegbayan, p. 7: added chaff have reasonable serial numbers and reasonable message contents).
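
The sender and receiver steps mapped above for claims 1-9 (a MAC per packet under the pre-shared key, chaff with imitation content and bogus MACs, and a receiver that recomputes each MAC and discards mismatches), as an added Python sketch that is not part of this Office action or of the cited references. HMAC-SHA256, the 4-byte sequence field, the 4-byte chunk size and all function names are assumptions.

```python
import hashlib
import hmac
import random
import secrets

MAC_LEN = 32  # HMAC-SHA256 tag size in bytes (assumed MAC algorithm)


def packet_mac(key: bytes, seq: int, content: bytes) -> bytes:
    """MAC over the sequence number and packet contents under the shared key."""
    return hmac.new(key, seq.to_bytes(4, "big") + content, hashlib.sha256).digest()


def make_wheat(key: bytes, message: bytes, size: int = 4) -> list:
    """Sender: break the message into (seq, content, MAC) wheat packets."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)]
    return [(seq, chunk, packet_mac(key, seq, chunk)) for seq, chunk in enumerate(chunks)]


def add_chaff(wheat: list, per_packet: int = 2) -> list:
    """Intermingle chaff: plausible serial numbers, imitation content, bogus MACs.

    No key is needed here; a bogus MAC is just random bytes of the right length.
    """
    stream = list(wheat)
    for seq, content, _ in wheat:
        for _ in range(per_packet):
            stream.append((seq, secrets.token_bytes(len(content)),
                           secrets.token_bytes(MAC_LEN)))
    random.SystemRandom().shuffle(stream)  # hide which packets came first
    return stream


def winnow(key: bytes, stream: list) -> bytes:
    """Receiver: recompute each MAC, discard mismatches, reassemble by seq."""
    kept = {}
    for seq, content, tag in stream:
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if hmac.compare_digest(packet_mac(key, seq, content), tag):
            kept[seq] = content
    return b"".join(kept[seq] for seq in sorted(kept))


if __name__ == "__main__":
    key = secrets.token_bytes(32)            # constructed pre-shared key
    stream = add_chaff(make_wheat(key, b"constructed sample message"))
    print(len(stream), "packets on the wire")
    print("with key:   ", winnow(key, stream))
    print("without key:", winnow(secrets.token_bytes(32), stream))
```

A holder of the wrong key recovers nothing because every packet, wheat included, fails the MAC check.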

Claims 10-11 are rejected over Elbegbayan, Perlman and Bao, in view of NPL titled “Chaffing and winnowing: confidentiality without encryption”, by Rivest, 1998, 8 pages, hereinafter Rivest. Rivest is included in IDS dated 4-19-2021.

Regarding claim 10, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 1, but does not explicitly teach: wherein the sending system creates the one or more chaff packets using content and validated signatures from one or more unrelated communications.
In an analogous art, Rivest discloses different ways of adding packet content, including adding contents you may like and their associated MACs (p. 4, paragraph starting with “the process of creating chaff ...”), teaching the claim limitations. It would have been obvious to a skilled artisan before the application was filed to create the chaff from unrelated content and validated signature because it would be easy for the sender to do so, and would make the chaff content random.

Regarding claim 11, Elbegbayan in view of Perlman, Bao and Rivest discloses the system of claim 10, wherein the one or more chaff packets are from legitimate communications (Rivest, p. 5, second paragraph: add chaff created from another legitimate communication from a different user). It would have been obvious to a skilled artisan before the application was filed to create the chaff from legitimate content as taught by Rivest because it adds randomness to the stream of packets, making it more difficult to guess good packets over chaff packets.

Claims 12-13 and 19 are rejected over Elbegbayan and Perlman and Bao, in view of US 11153276 to Keyerleber, hereinafter Keyerleber.
Regarding claim 12 and substantially claim 19, Elbegbayan in view of Perlman and further in view of Bao discloses the system of claim 1, wherein the plurality of packets for the communication are sent from the second network to the one or more first systems on the first network (see combination in claims 1, 14 and 20) but does not explicitly teach through a remote secure network. In an analogous art, Keyerleber discloses sending packets through a channel (VPN or not) (col. 2:61-67). It would have been obvious to a skilled artisan before the application was filed to transmit the packets from one network to the other through a secure network such as a VPN because it would add confidentiality to the packets.

Regarding claim 13, Elbegbayan in view of Perlman, Bao and Keyerleber discloses the system of claim 12, wherein the plurality of packets for the communication are sent from the remote secure network using a randomized routing of the plurality of packets (Keyerleber, col. 12:1-23: route packets through a randomized selection of gateways for routing). It would have been obvious to a skilled artisan before the application was filed to transmit the packets through randomized routing in a plurality of channels as taught by Keyerleber because it would allow obfuscating the transmission such that an eavesdropper would not have access to the entirety of a data communication (see Abstract).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Campagna et al. 8948386 disclose a home network for a mobile device and a visiting network with a verifier, the verifier can also communicate with devices in the home network or with devices in the visiting network; a key agreement is established between the mobile and the verifier to compute a shared key between mobile and the network.
Excerpts from: A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/
Primary Examiner, Art Unit 2493
5/31/2022