DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  
Response to Amendment
This Office Action is in response to the amendment filed 3/28/2022. Claims 1-12 are originally cancelled claims. Claim 13 is currently amended. Claim 21 is previously cancelled claim. Claims 13-20, 22-33 are pending in the application.
The objection of claim 13 due to informalities has been withdrawn in light of applicant’s amendment to the claim.
The rejection of claims 13-20 and 22-33 under 35 USC 112(a) has been withdrawn in light of applicant’s amendment to the claims and applicant’s argument being persuasive. 
Response to Argument
Applicant’s argument, see pages 15-22 of the Remark filed 3/28/2022, with respect to claims over prior arts have been fully considered and are persuasive, further in view of the examiner’s amendments below. Upon examiner’s updated search on the features recited in the claims, examiner believes the case is in condition for allowance. Therefore, the rejection under 35 U.S.C. 103 of claims 13-20, 22-33 has been withdrawn.
Allowable Subject Matter
Claims 13-15, 17-20, 22-33 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The present invention is directed to setting up a subscriber identity module (SIM) for an agreement of exchange keys with a provisioning server by having a production server to provide public key of the SIM and the exchange keys generated by the production server to make the SIM in a state that along with additional data in the SIM to appear that the SIM has generated the exchange keys when the SIM is in the field in further communication with the provisioning server.
Independent Claim 13 identifies the uniquely distinct features “wherein step a) (i.e. generating asymmetric key pair for the SIM) and step c) (i.e. generating exchange keys using private key of the SIM) are performed on a production server during a production of the subscriber identity module”, “transmitting and storing the public key of the SIM and the one or several exchange keys generated in step c) on the production server into the SIM and configuring the SIM to be programmed, at a time after the production and delivery of the SIM, with additional data, wherein the additional data includes authentication information which permits an authentication of the public key stored in the SIM, in a logging into a communication network by the SIM, gives the SIM an appearance of being set up for performing computations in accordance with an asymmetric crypto-algorithm and the SIM is put into a state as though the SIM had generated the exchange keys itself”. 
The prior art, Nix (US20150163056A1) discloses system and method for a module with eUICC including profile with shared secret keys for authentication with a wireless network. In particular, Nix teaches generating asymmetric key pair and exchange keys for authentication of eUICC with mobile network operator.
The prior art, Hibshoosh et al (US20160352710A1) discloses system and method for server-assisted secure exponentiation. In particular, Hibshoosh teaches performing modular exponentiation using server instead of using low cost SIM that is not capable to perform the module exponentiation.
The prior art, Le Saint et al (US20150372811A1) discloses device and method for efficient authentication. In particular, Le Saint teaches deletion of private key to protect encrypted data.
The prior art, Bjorn et al (US7,698,565B1) discloses method of providing certificate from client to server. In particular, Bjorn teaches well known features that private keys are not transmitted and public keys can be shared by implementing a crypto-server system where user’s private key is stored in trusted server.
The prior arts, either singularly or in combination fails to anticipate or render obvious the claimed limitations of claim 1 (similarly claims 6 and 11) of “wherein step a) (i.e. generating asymmetric key pair for the SIM) and step c) (i.e. generating exchange keys using private key of the SIM) are performed on a production server during a production of the subscriber identity module”, “transmitting and storing the public key of the SIM and the one or several exchange keys generated in step c) on the production server into the SIM and configuring the SIM to be programmed, at a time after the production and delivery of the SIM, with additional data, wherein the additional data includes authentication information which permits an authentication of the public key stored in the SIM, in a logging into a communication network by the SIM, gives the SIM an appearance of being set up for performing computations in accordance with an asymmetric crypto-algorithm and the SIM is put into a state as though the SIM had generated the exchange keys itself”.
Regarding the dependent claims: dependent claims 14-15,17-20,22-33 are also allowed for incorporating the allowable feature recited in the respective independent claim 13.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Examiner’s Amendment
The application has been amended as follows: 
An Examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicants, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Sterling D. Fillmore (703-999-9416) on 4/15/2022 and further communication on 4/25/2022 (See PTO-413 interview summary).

PLEASE AMEND THE CLAIMS AS FOLLOWS:

1–12. (Cancelled)
13. (Currently Amended) A method for setting up a subscriber identity module for an agreement of one or several exchange keys, between the subscriber identity module and a provisioning server, proceeding from asymmetric key data, the asymmetric key data comprising an individual static asymmetric key pair of the subscriber identity module, comprising a private key and a public key of the subscriber identity module, and a static asymmetric key pair of the provisioning server, comprising a private key and a public key of the provisioning server, the method comprising:
a) 	generating the asymmetric key pair for the subscriber identity module, comprising the public key and the private key of the subscriber identity module;
b) 	generating the asymmetric key pair of the provisioning server, comprising the public key and the private key of the provisioning server;
c) 	generating said one or several exchange keys employing the private key of the subscriber identity module and the public key of the provisioning server; 
wherein step a) and step c) are performed on a production server during a production of the subscriber identity module, and the method further comprises:
d) 	transmitting and storing the public key of the subscriber identity module and the one or several exchange keys generated in step c) on the production server into the subscriber identity module and configuring the subscriber identity module to be programmed, at a time after the production and delivery of the subscriber identity module, with additional data, wherein the additional data includes authentication information which permits an authentication of the public key stored in the subscriber identity module, in a logging into a communication network by the subscriber identity module, gives the subscriber identity module an appearance of being set up for performing computations in accordance with an asymmetric crypto-algorithm and the subscriber identity module is put into a state as though the subscriber identity module had generated the exchange keys itself.

14. (Currently Amended) The method according to claim 13, wherein step c) further comprises: 
c1) generating a secret employing the private key of the subscriber identity module and the public key of the provisioning server; 
c2) generating or supplying a random nonce;
c3) generating the exchange keys proceeding from the secret and the nonce.

15. (Previously Presented) The method according to claim 13, wherein step b) is performed on the production server, and wherein at least the private key generated in step b) is supplied to the provisioning server.

16. (Cancelled)

17. (Currently Amended) The method according to claim [[16]] 13, wherein step d) comprises: 
transmitting and storing the public key of the subscriber identity module by directly transmitting and storing the public key of the subscriber identity module.

18. (Currently Amended) The method according to claim [[16]] 13, further comprising: generating a certificate over the public key of the subscriber identity module by signing the public key of the subscriber identity module; wherein step d) comprises: transmitting and storing the public key by transmitting and storing the certificate.
19. (Currently Amended) The method according to claim [[16]] 13, wherein for the agreement of one or several exchange keys, between the subscriber identity module and the provisioning server, proceeding from the asymmetric key data, the method further comprising: 
e) 	supplying a subscriber identity module set up and establishing a communication connection between the subscriber identity module and the provisioning server;
f) 	transferring the public key of the subscriber identity module from the subscriber identity module to the provisioning server;
g) 	in the provisioning server receiving the public key of the subscriber identity module and identifying the subscriber identity module by means of the received public key;
h)	in the provisioning server supplying the private key of the provisioning server;
i) 	in the provisioning server generating the one or several exchange keys employing the public key of the subscriber identity module and the private key of the provisioning server.
20. (Currently Amended) The method according to claim 19, wherein: step c) comprises: 
c1) generating a secret employing the private key of the subscriber identity module and the public key of the provisioning server; 
c2) generating or supplying a random nonce;
c3) generating the exchange keys proceeding from the secret and the nonce;
and step i) comprises: 
i1) generating the secret employing the public key of the subscriber identity module and the private key of the provisioning server;
i2) generating the exchange key proceeding from the secret and the nonce
21. (Cancelled) 
22. (Previously Presented) The method according to claim 14, wherein the secret is destroyed by being deleted after the one or several exchange keys are generated.
23. (Currently Amended) The method according to claim 13, further comprising encrypting data with the one or several exchange keys, and transmitting the encrypted data between the subscriber identity module and the provisioning server.
24. (Previously Presented) The method according to claim 13, wherein the asymmetric key pairs are provided as Diffie-Hellman key pairs, including a Diffie-Hellman key pair of the subscriber identity module and another Diffie
25. (Previously Presented) The method according to claim 13, wherein step b) is performed on the provisioning server, and wherein at least the public key generated in step b) is supplied to the production server.
26. (Previously Presented) The method according to claim 13, wherein no master key is employed. 
27. (Previously Presented) The method according to claim 13, wherein in step d), in transmission processes between the subscriber identity module and the production server or the provisioning server, no secret keys are transmitted.
28. (Previously Presented) The method according to claim 13, wherein in step d), in transmission processes between the subscriber identity module and the production server or the provisioning server, no private asymmetric keys are transmitted.
29. (Previously Presented) The method according to claim 13, wherein in step d), in transmission processes between the subscriber identity module and the production server or the provisioning server, only public or non-critical data are transmitted.
30. (Previously Presented) The method according to claim 13, wherein private asymmetric keys are kept available only in secure environments. 
31. (Previously Presented) The method according to claim 13, wherein private asymmetric keys are kept available only in a production environment of the production server or on the provisioning server.
32. (Previously Presented) The method according to claim 13, wherein in the subscriber identity module no asymmetric cryptography is required or performed.
33. (Previously Presented) The method according to claim 13, wherein the subscriber identity module does not have sufficient computing power or storage capacity for asymmetric cryptography or for deriving the one or several exchange keys.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/Examiner, Art Unit 2436   

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436