Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

	This action is in response to the amendment filed 4/07/2022.  Claims 1, 3-8, 10, 11, 14-19 are pending.  Claims 1, 10, 11, 14-16 and 18 are amended. Claims 1 (a method), 10 (a non-transitory CRM), 11 (a machine), and 16 (a machine) are independent. 

Response to Arguments
Applicant’s arguments filed 4/07/2022, with respect to the rejection(s) of claim(s) 1 under Nix (US 2015/0095648) have been fully considered and are persuasive.  Nix does not disclose multiple sensors in a vehicle transmitting over a vehicle on-board bus system.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Alvarez et al., US 2018/0091596 (filed 2016-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), and Bernstein “ChaCha, a variant of Salsa20” (published 2008 and submitted in IDS filed 06/07/2019).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3, 6, 8, 10, 11, and 14-16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Alvarez et al., US 2018/0091596 (filed 2016-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), and Bernstein “ChaCha, a variant of Salsa20” (published 2008 and submitted in IDS filed 06/07/2019).
	As to claims 1, 10, 11, and 16, Alvarez discloses a method/CRM/machine/machine comprising:
	Detecting a measured value by each of the multiple sensors of the vehicle; (“data collection from a vehicle invokes a hardware-based signature for data points collected among components such as vehicle sensors, telematics units, or aftermarket devices utilized during driving activity.” Alvarez ¶ 15)
Cryptographically signing each detected measured value (“A signature on the sensor data may provide proof that the data originated from a specific sensor in a specific car. Anyone with the public key that corresponds to the private key used to sign the data may verify the integrity of the data.” Alvarez ¶ 24) …
Providing the signed measured value from the sensor to a vehicle on-board bus system. (“The private telematics data 130 may involve the collection or communication of such data via a CAN Bus or another interconnect, bus, or interface of the motor vehicle 120.” Alvarez ¶ 23)

Alvarez does not disclose:
within a message authentication code (MAC) based on ChaCha20/12 using certificates assigned to each sensor, which certificates are saved in a tamper-proof memory associated with each sensor; and

McLaughlin discloses:
within a message authentication code (MAC) based on ChaCha20[[12]] using certificates assigned to each sensor (“accessory 1504 can build a data structure that includes the signed challenge and the accessory certificate, which can be retrieved from the authentication chip. At block 1552, accessory 1504 can encrypt the data structure built at block 1550, using the encryption key (eKey) generated at block 1544. Any symmetric encryption algorithm can be used, such as the ChaCha20-Poly1305 AEAD algorithm. The encryption algorithm can generate an encrypted data structure and a tag (authTagA).” McLaughlin ¶ 299)
which certificates are saved in a tamper-proof memory associated with each sensor; and (“an authentication chip (an integrated-circuit device, or IC) can be incorporated into accessory and/or controller devices. The authentication chip can securely store encryption keys for a device, a security certificate for the device, and information about valid or invalid security certificates that may be presented by other devices. In some embodiments, the authentication chip can implement the secure element described above (or a portion thereof).” McLaughlin ¶ 264. “the certificate can be incorporated into an authentication chip as described above with reference to FIGS. 14A-14C.” McLaughlin ¶ 297. See also McLaughlin ¶ 230).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez with McLaughlin by performing a signature using the ChaCha20 algorithm and storing a certificate of sensors private key in the authentication chip IC of the sensor.  It would have been obvious sot a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Alvarez with McLaughlin in order to prevent attackers from altering or obtaining data from the secure element and to provide an efficient encryption authentication algorithm (ChaCha) that is easier to perform on constrained hardware. 

Alvarez in view of McLaughlin does not disclose:
That the ChaCha used is 12 bits.

Bernstein discloses:
ChaCha12
(“ChaCha8 is a 256-bit stream cipher based on the 8-round cipher Salsa20/8. The changes from Salsa20/8 to ChaCha8 are designed to improve diffusion per round, conjecturally increasing resistance to cryptanalysis, while preserving—and often improving—time per round. ChaCha12 and ChaCha20 are analogous modifications of the 12-round and 20-round ciphers Salsa20/12 and Salsa20/20. This paper presents the ChaCha family” Bernstein abstract)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have performed a simple substitution of McLaughlin’s ChaCha20 with ChaCha12.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to perform the simple substitution as both methods were simultaneously proposed in the Bernstein reference and the selection of any of the variants would be an obvious modification to a person of ordinary skill in the art.
Per MPEP 2143(I)(B),
Alvarez in view of McLaughlin discloses the claimed system except for the 12 round variant of ChaCha.
The 12 round variant of ChaCha was known in the art to those who knew of the 20 round variant of ChaCha.
The variants perform the same function and a person of ordinary skill in the art could have performed the substitution.

As to claim 3, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein the certificate is an individual certificate.  (“accessory 1504 can build a data structure that includes the signed challenge and the accessory certificate, which can be retrieved from the authentication chip. At block 1552, accessory 1504 can encrypt the data structure built at block 1550, using the encryption key (eKey) generated at block 1544. Any symmetric encryption algorithm can be used, such as the ChaCha20-Poly1305 AEAD algorithm. The encryption algorithm can generate an encrypted data structure and a tag (authTagA).” McLaughlin ¶ 299. A single accessory certificate for the authentication chip.)

As to claim 6, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Transmitting the signed measured value to a recipient; and (“the private telematics data 130 (which may be cryptographically signed) is communicated to a connected user device 110, such as via a wireless personal area network (e.g., Bluetooth) or local area network (e.g., Wi-Fi) connection.” Alvarez ¶ 25)
Checking the authenticity of the measured value (“Anyone with the public key that corresponds to the private key used to sign the data may verify the integrity of the data.” Alvarez ¶ 24) 

Alvarez in view of McLaughlin and Bernstein, as combined in claim 1, does not disclose: by the recipient using the certificate. 

McLaughlin further discloses:
by the recipient using the certificate.
(“controller 1502 can verify the signed challenge using the public key from the accessory certificate.” McLaughlin ¶ 304)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez with McLaughlin by performing a signature using the ChaCha20 algorithm and storing a certificate of sensors private key in the authentication chip IC of the sensor.  It would have been obvious sot a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Alvarez with McLaughlin in order to prevent attackers from altering or obtaining data from the secure element and to provide an efficient encryption authentication algorithm (ChaCha) that is easier to perform on constrained hardware. 

As to claim 8, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein the certificate assigned to the sensor may be exchanged. (“accessory 1504 can build a data structure that includes the signed challenge and the accessory certificate, which can be retrieved from the authentication chip. At block 1552, accessory 1504 can encrypt the data structure built at block 1550, using the encryption key (eKey) generated at block 1544. Any symmetric encryption algorithm can be used, such as the ChaCha20-Poly1305 AEAD algorithm. The encryption algorithm can generate an encrypted data structure and a tag (authTagA).” McLaughlin ¶ 299).

As to claim 14, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 11 and further discloses:
Wherein the communication interface for providing the signed measured value is compatible at least with CAN, CAN-FD, or Ethernet. (“The private telematics data 130 may involve the collection or communication of such data via a CAN Bus or another interconnect, bus, or interface of the motor vehicle 120.” Alvarez ¶ 23)

As to claim 15, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 11 and further discloses:
A vehicle comprising multiple sensors of claim 11. (“data collection from a vehicle invokes a hardware-based signature for data points collected among components such as vehicle sensors, telematics units, or aftermarket devices utilized during driving activity.” Alvarez ¶ 15)

Claims 4-5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Alvarez et al., US 2018/0091596 (filed 2016-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salsa20” (published 2008 and submitted in IDS filed 06/07/2019), and Nix, US 2015/0095648 (filed 2013-09).
As to claim 4, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 1 but does not disclose:
Wherein the certificate is a certificate selected from a group of certificates assigned to the sensor. 

Nix discloses: Wherein the certificate is a certificate selected from a group of certificates assigned to the sensor. 
 (“The module identity 110 could alternatively be included in other fields within a certificate 122, such as the “Organizational Unit” (OU) field, such that if multiple certificates 122 may be associated with module 101, and in this case the module public key identity 111 a in a certificate 122 may be used in the CN field.” Nix ¶ 141. “At step 903 server 101 can determine or evaluate if a new module public key 111 and/or certificate 122 are required for continued operation.” Nix ¶ 306, generating new certificate.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez in view of McLaughlin and Bernstein with Nix by incorporating a plurality of certificates within the sensor of Alvarez in view of McLaughlin and Bernstein.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez in view of McLaughlin and Bernstein with Nix in order to allow multiple certificate for multiple contexts (organizational units) and also to allow for replacing or updating certificates on the sensor, thereby allowing for system updates and the update of keying material for increased security. 

As to claim 5, Alvarez in view of McLaughlin, Bernstein and Nix discloses the method of claim 4 but does not disclose:
Wherein the selected certificate is retained for the runtime of the sensor.

Nix discloses:
Wherein the selected certificate is retained for the runtime of the sensor. (“a time-to-live value for the public key, such as the illustrated “time to live” value of 1 year shown in FIG. 11. The time value for the validity of new module public key 111 b could alternatively be specified in a set expiration date.” Nix ¶ 323. “the certificate may have an expiration date” Nix ¶ 16. As no amount of time is given for the “runtime” it is reasonably interpreted as less than the certificate expiration/time to live.  Note Applicant’s specification p. 11, ¶ 2 where a runtime is described as being less than a second.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez in view of McLaughlin and Bernstein with Nix by incorporating a plurality of certificates within the sensor of Alvarez in view of McLaughlin and Bernstein.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez in view of McLaughlin and Bernstein with Nix in order to allow multiple certificate for multiple contexts (organizational units) and also to allow for replacing or updating certificates on the sensor, thereby allowing for system updates and the update of keying material for increased security. 


Claims 7 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Alvarez et al., US 2018/0091596 (filed 2016-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salsa20” (published 2008 and submitted in IDS filed 06/07/2019), and Looney et al., US 2018/0007063 (filed 2016-06).
As to claim 7, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 6 but does not disclose:
Wherein the signed measured value is checked in an intermediate station before being transmitted to the recipient and signed with a certificate assigned to the intermediate station.

In a related field of signature creation and validation, Looney discloses:
Wherein the signed measured value is checked in an intermediate station before being transmitted to the recipient and signed with a certificate assigned to the intermediate station. (“node group 2 may validate each signature associated with the route update message (e.g., the first signature). Assume that node group 2 determines that the first signature is valid. As further shown, based on determining that the first signature is valid, node group 2 may sign the route update message.” Looney ¶ 22, see also ¶¶ 23 and 32).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez in view of McLaughlin and Bernstein with Looney by verifying and adding certificate validated signatures at each intermediary processing element, as done in Looney.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Alvarez in view of McLaughlin and Bernstein with Looney in order to certify the processing performed at the intermediary node, thereby certifying the processing of the data in the same manner as the certification of the data itself.

As to claim 19, Alvarez in view of McLaughlin, Bernstein and Looney discloses the limitations of claim 19 as seen above in claims 6 and 7. 

Claim 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Alvarez et al., US 2018/0091596 (filed 2016-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salso20” (published 2008 and submitted in IDS filed 06/07/2019), and Guo et al., “Analysis of BLAKE2” (published 2014).
As to claims 17, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 1 and further discloses:
Wherein a message authentication code (MAC) (Alvarez ¶ 24) based on ChaCha20 (McLaughlin ¶ 299) /12 (Bernstein) with … is used for cryptographically signing the detected measured value. (Alvarez ¶ 24)

Alvarez in view of McLaughlin and Bernstein does not disclose:
a HAIFA construction

Guo discloses:
ChaCha12 (Guo pages 7 and 19, describing BLAKE2b that uses 12 rounds) using a HAIFA construction. (“One of the five SHA-3 finalists. Purely ARX round function inspired from ChaCha. Local wide-pipe compression function in a HAIFA iteration mode” Guo page 2 describing the BLAKE2 algorithm)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez in view of McLaughlin and Bernstein with Guo by using the teachings of Guo to implement the BLAKE2b ChaCha12 variant.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Alvarez in view of McLaughlin and Bernstein with Guo in order to harden the system against attacks on compression and hashing (the MAC) and to support the potential adoption in the SHA-3 standard, Guo p. 18.

Claim 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Alvarez et al., US 2018/0091596 (filed 2016-09), in view of McLaughlin et al., US 2015/0222517 (filed 2015-02), Bernstein “ChaCha, a variant of Salso20” (published 2008 and submitted in IDS filed 06/07/2019), and Smith et al., US 2016/0269374 (filed 2015-03).
As to claims 18, Alvarez in view of McLaughlin and Bernstein discloses the method of claim 1 but does not disclose:
Wherein each sensor uses the same certificate.

Smith discloses:
Wherein each sensor uses the same certificate.
 (“The group management service 96 may then provision (e.g., “Operation 1”, using a discovery service, multicast discovery protocol, etc.) a key (e.g., EPID.sub.pr1 . . . pr3) to each of the devices 92a, 92b, 92e as members of the CAS group. The group management service 96 may also publish (e.g., “Operation 2”) the group certificate (e.g., CertcAs) for the CAS group. Thus, Operation 0 and Operation 2 may be part of a group enrollment” Smith ¶ 46).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Alvarez in view of McLaughlin and Bernstein with Smith by sharing a single certificate among a plurality of sensors.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Alvarez in view of McLaughlin and Bernstein with Smith in order to streamline the verifications for the plurality of sensors of the vehicle by using a single certificate instead of a certificate for each sensor, thereby reducing the amount of memory and processing required. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  See PTO-892, particularly:
Gajek, US 2018/0204005, discloses tamper proof sensors that comprise keying material and perform signatures on sensed values.
Angus, US 2016/0294829, discloses provisioning sensor devices to vehicles. 

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165. The examiner can normally be reached M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL W CHAO/           Examiner, Art Unit 2492