DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This initial written action responds to the communication dated 11/20/2020.
Claims 2, 8, 11, 17, 21 and 24-25 are canceled; Claim 27 is newly added.
Claims 1, 3-7, 9-10, 12-16, 18-20, 22-23 and 26-27 are submitted for examination.
Claims 1, 3-7, 9-10, 12-16, 18-20, 22-23 and 26-27 are pending.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Priority

This 371 application, filed on November 20, 2020, claims priority to PCT application PCT/GB2019/051204, filed on May 01, 2019, and foreign application GB1808638.9, filed on May 25, 2018.


Information Disclosure Statement
The following Information Disclosure Statements in the instant application were submitted in compliance with the provisions of 37 CFR 1.97 and, thus, have been fully considered:
IDS filed on 20 November 2020.
IDS filed on 10 February 2021.
IDS filed on 16 June 2022.

Examiner’s Note
The content distributor in Claim 1 is interpreted as Distributor 12, and the receiving device in Claim 10 is interpreted as Recipient 14A, 14B and 14C. Paragraphs 21-22 of the PGPUB (US 2021/0203489) describe the distributor and recipient as computer systems having a central processor, memory and network adapter, which provides sufficient structure and makes the claims compliant with 35 U.S.C. 101.

Claim Objection

Claims 4-7, 9, 13-16, 18-20 and 22-23 are objected to because of the following informalities: Claims 4-7, 9, 13-16, 18-20 and 22-23 recite the limitation “A method according to …”. The limitation should recite “The method according to …”. Appropriate correction is required.

Claim 13 is objected to for the following reason.
Claim 13 recites the limitation “A method according to claim 12 further comprising updating the recipient with the content.” Examiner suggests replacing “updating the recipient” with “updating the receiving device”.

Claim 26 is objected to for the following reason.
Claim 26 is written in a form such that it cannot be identified as an independent claim or a dependent claim. In addition, Claim 3 is a method claim while Claim 26 is a computer readable claim, and thus the two claims are from different statutory classes. Examiner suggests writing the claim in a proper independent/dependent form with all the required limitations. Examiner also suggests adding “Non-transitory” to “computer readable medium” to make the claim compliant with 35 U.S.C. 101 should applicant decide to write the claim as a computer program product claim.

Claim 27 is objected to for the following reason.
Claim 27 is written in a form such that it cannot be identified as an independent claim or a dependent claim. In addition, Claim 12 is a method claim while Claim 27 is a computer readable claim, and thus the two claims are from different statutory classes. Examiner suggests writing the claim in a proper independent/dependent form with all the required limitations. Examiner also suggests adding “Non-transitory” to “computer readable medium” to make the claim compliant with 35 U.S.C. 101 should applicant decide to write the claim as a computer program product claim.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 26-27 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter, for the following reasons:
a. Claims 26-27 are directed to a computer program product on a computer-readable medium. However, the body of the claim lacks definite structure indicative of a physical product. Therefore, the claim as a whole appears to be nothing more than computer software, and software per se does not fall within a statutory category.
In addition, the broadest reasonable interpretation of the "computer readable media" covers a transitory propagating signal which is non-statutory subject matter.
"A transitory, propagating signal... is not a "process, machine, manufacture, or composition of matter." Those four categories define the explicit scope and reach of subject matter patentable under 35 U.S.C. § 101; thus, such a signal cannot be patentable subject matter."
The examiner suggests amending the claim(s) to recite a "non-transitory computer-readable medium" or equivalent in order to exclude non-statutory subject matter such as a transitory propagating signal. Any amendment to the claims should be commensurate with its corresponding disclosure.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 5-7, 9-10, 12, 14, 16, 19 and 26-27 are rejected under 35 U.S.C. 103 as being unpatentable over Leavy et al. (US PGPUB. # US 2020/0259640, hereinafter “Leavy”), and further in view of Benson et al. (US PAT. # US 10,965,474, hereinafter “Benson”).

Referring to Claims 1, 3 and 26:
Regarding Claim 1, Leavy teaches,
A content distributor for securely distributing content to a plurality of recipients, (Fig. 1 (100, 116, 118), ¶34, “server 100 may be a cloud service provider running a virtual machine configured to provide secure communication platform 120 to an enterprise as a Software as a Service (SaaS)”, ¶44, i.e. cloud server is interpreted as a content distributor and client devices 116, 118 are interpreted as plurality of recipients of cloud server services) each recipient creating a recipient trusted ephemeral public private key pair and making the recipient trusted ephemeral public key available, (¶46, “platform 120 may designate one of the keys in a pool of ECDH public keys received from a user of a device as a “reserve” key”, Fig. 2(204), ¶49, “Memory 204 may also store a plurality of ephemeral keys received from a second user”, Fig. 2(212), ¶52, “Crypto accelerator 212 may be dedicated hardware, software, firmware, or any combination thereof that is configured to perform cryptographic operations, such as key generation”, ¶55, “the first device's secure collaboration application may retrieve the signed ephemeral public key and its associated unique identifier for each of the receiving devices from the secure communication platform 120”, i.e. each recipient creates a private/public key pair and makes the public key available) the content distributor comprising:
a retriever for retrieving recipient trusted ephemeral public keys from a repository, each recipient trusted ephemeral public key associated with a respective recipient; (Fig. 3A(315), ¶55, “the first device's secure collaboration application may retrieve the signed ephemeral public key and its associated unique identifier for each of the receiving devices from the secure communication platform 120”).
a distributor key factory for generating a distributor ephemeral key pair comprising a distributor ephemeral private key and a distributor ephemeral public key; (Fig. 3A(330), ¶58, “In block 330, the first device's secure collaboration application generates an ephemeral key pair. In some examples, the ephemeral key pair is generated using an asymmetric key generation algorithm, such as elliptic curve cryptography (ECC) or RSA”).
a content key factory for generating a content encryption key for encrypting content to be distributed and encrypting the content using the content encryption key; (Fig. 3A(325), ¶57, “In block 325, the first device generates a random communication encryption key. In preferred examples, the random communication encryption key is a 256-bit key derived from a first set of pseudorandom bytes”). 
a shared secret factory for generating, for each recipient trusted ephemeral public key, a shared secret using the recipient trusted ephemeral public key and the distributor ephemeral private key; (¶58, “The key-encrypting key is calculated by deriving a shared secret using the ephemeral private key the sending secure collaboration application generated and an ephemeral public key associated with the receiving device”).
a key slot generator for generating a plurality of encrypted per-recipient key slots, each encrypted per-recipient key slot generated by encrypting the content encryption key using a different shared secret of the plurality of shared secrets; (¶58, “the first device's secure collaboration application calculates a key-encrypting key (KEK) for each receiving device”, “The shared secret and the receiving device's application identifier are inputted into a key derivation function to derive the KEK. By encrypting the random message encryption key with the KEK, the encrypted message is effectively bound to the receiver's secure collaboration application”, “Block 335 may be repeated for each of the one or more receivers' devices”, Fig. 3B(345), “In block 345, the message key is encrypted using the derived KEK for each of the receiving devices”, ¶59) 
[a data structure factory for creating a data structure] comprising the distributor ephemeral public key, the encrypted content, and one or more encrypted per-recipient key slots; (Fig. 3B(355), ¶59, “In block 355, the first device's secure collaboration application creates a serialized packet that includes the encrypted message, the ephemeral public key that the first device's secure collaboration application generated in block 330, the one or more unique identifiers for the receiver's ephemeral public key, the one or more encrypted message encryption keys, and the packet signature”, i.e. Examiner submits that the first device’s ephemeral public key is considered as the distributor ephemeral public key, and the one or more unique identifiers for the receiver’s ephemeral public key are considered as per-recipient key slots) and
a structure sender for transmitting [the data structure] to deliver the content to recipients associated with the device ephemeral public keys from which the one or more encrypted per-recipient key slots are derived. (Fig. 3B (355), ¶59, “In block 355, the first device's secure collaboration application transmits the serialized packet to the secure communication platform for distribution to the one or more receiving devices”, Fig. 4(420), ¶62, “the secure collaboration application on the first device uses its application identifier to retrieve the encrypted message key and the unique identifier of the first device's ephemeral key pair from the received serialized packet in block 420”, i.e. based on received application identifier, key slots are derived). 
	Leavy does not teach explicitly,
a data structure factory for creating a data structure [comprising the distributor ephemeral public key, the encrypted content, and one or more encrypted per-recipient key slots];
[a structure sender for transmitting] the data structure [to deliver the content to recipients associated with the device ephemeral public keys from which the one or more encrypted per-recipient key slots are derived].
However, Benson teaches,
a data structure factory for creating a data structure (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6,  CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory creates and stores the structure) [comprising the distributor ephemeral public key, the encrypted content, and one or more encrypted per-recipient key slots];
[a structure sender for transmitting] the data structure (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6,  CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory creates and stores the structure) [to deliver the content to recipients associated with the device ephemeral public keys from which the one or more encrypted per-recipient key slots are derived].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Benson with the invention of Leavy.
Leavy teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys. Benson teaches creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Therefore, it would have been obvious to combine creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data, as taught by Benson, with securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys, as taught by Leavy, for a target device to follow the data structure to retrieve the correct key(s) for decryption.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 3, it is a method claim of above content distributor claim 1 and therefore Claim 3 is rejected with the same rationale as applied against Claim 1 above.

Regarding Claim 26, it is a computer readable medium claim of above method claim 3 and therefore Claim 26 is rejected with the same rationale as applied against Claim 3 above.


Examiner’s note: With reference to Figures 3A and 3B, the First Device is the distributor device and the Second Device is the recipient’s device, while with reference to Figure 4 the First Device is the recipient’s device and the Second Device is the distributor’s device (as per the reference).

Referring to Claims 10, 12 and 27:
Regarding Claim 10, Leavy teaches,
A receiving device for securely receiving content from a distributor, (¶60, “The secure communication platform provides each of the one or more receiving devices with an alert”, Fig. 4(410), ¶61, “In block 410, the first device (e.g. receiving device) receives a serialized packet from a second device (e.g. sending device”) the receiving device comprising: 
a key factory for creating a recipient trusted ephemeral public private key pair; (¶46, “platform 120 may designate one of the keys in a pool of ECDH public keys received from a user of a device as a “reserve” key”, Fig. 2(204), ¶49, “Memory 204 may also store a plurality of ephemeral keys received from a second user”, Fig. 2(212), ¶52, “Crypto accelerator 212 may be dedicated hardware, software, firmware, or any combination thereof that is configured to perform cryptographic operations, such as key generation”, ¶55, “the first device's secure collaboration application may retrieve the signed ephemeral public key and its associated unique identifier for each of the receiving devices from the secure communication platform 120”, i.e. each recipient creates a private/public key pair)
a key sender for sending the recipient trusted ephemeral public key to a repository; (¶46, “platform 120 may designate one of the keys in a pool of ECDH public keys received from a user of a device as a “reserve” key”, Fig. 2(204), ¶49, “Memory 204 may also store a plurality of ephemeral keys received from a second user”, Fig. 2(212), ¶52, “Crypto accelerator 212 may be dedicated hardware, software, firmware, or any combination thereof that is configured to perform cryptographic operations, such as key generation”, ¶55, “the first device's secure collaboration application may retrieve the signed ephemeral public key and its associated unique identifier for each of the receiving devices from the secure communication platform 120”, i.e. that each recipient creates a private/public key pair and makes the public key available via memory indicates that the recipient’s public key is sent to the memory (repository))
[a data structure receiver for receiving a data structure] comprising a distributor ephemeral public key, encrypted content, and one or more encrypted per-recipient key slots, each encrypted per-recipient key slot associated with a different recipient (Fig. 3B(355), ¶59, “In block 355, the first device's secure collaboration application creates a serialized packet that includes the encrypted message, the ephemeral public key that the first device's secure collaboration application generated in block 330, the one or more unique identifiers for the receiver's ephemeral public key, the one or more encrypted message encryption keys, and the packet signature”, “In block 355, the first device's secure collaboration application transmits the serialized packet to the secure communication platform for distribution to the one or more receiving devices” i.e. Examiner submits that the first device’s ephemeral public key is considered as the distributor ephemeral public key, and the one or more unique identifiers for the receiver’s ephemeral public key are considered as per-recipient key slots) and each formed by encrypting a content encryption key using a recipient shared secret associated with the recipient, (¶58, “the first device's secure collaboration application calculates a key-encrypting key (KEK) for each receiving device”, “The shared secret and the receiving device's application identifier are inputted into a key derivation function to derive the KEK. By encrypting the random message encryption key with the KEK, the encrypted message is effectively bound to the receiver's secure collaboration application”, “Block 335 may be repeated for each of the one or more receivers' devices”, Fig. 3B(345), “In block 345, the message key is encrypted using the derived KEK for each of the receiving devices”) each recipient shared secret generated using associated recipient trusted ephemeral public key and the distributor ephemeral private key; (¶58, “The key-encrypting key is calculated by deriving a shared secret using the ephemeral private key the sending secure collaboration application generated and an ephemeral public key associated with the receiving device”).
a secret factory for recreating the recipient shared secret from the distributor ephemeral public key and the recipient trusted ephemeral private key; (Fig. 4(440), ¶62, “the first device calculates a shared secret using the first device's ephemeral private key and the second device's ephemeral public key. The shared secret and the first device's application identifier are inputted to a key derivation function to generate the key-encrypting key”, i.e. recipient’s shared secret is recreated from the first device (recipient’s device) private key and second device’s (distributor) public key). 
a key slot decoder for recreating the content encryption key by decrypting the encrypted per-recipient key slot of the one or more encrypted per-recipient key slots associated with the recipient using the recreated recipient shared secret; (Fig. 4(450), ¶62, “ In block 450, the first device's secure collaboration application decrypts the encrypted message encryption key”).
a content decoder for decrypting the encrypted content with the content encryption key. (Fig. 4(460), ¶62, “In block 460, the decrypted communication encryption key is used to decrypt the message”).
Leavy does not teach explicitly,
a data structure receiver for receiving a data structure [comprising a distributor ephemeral public key, encrypted content, and one or more encrypted per-recipient key slots, each encrypted per-recipient key slot associated with a different recipient].
However, Benson teaches,
a data structure receiver for receiving a data structure  (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6,  CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory receives and stores the structure) [comprising a distributor ephemeral public key, encrypted content, and one or more encrypted per-recipient key slots, each encrypted per-recipient key slot associated with a different recipient].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Benson with the invention of Leavy.
Leavy teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys. Benson teaches creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Therefore, it would have been obvious to combine creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data, as taught by Benson, with securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys, as taught by Leavy, for a target device to follow the data structure to retrieve the correct key(s) for decryption.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 12, it is a method claim of above receiving device claim 10 and therefore Claim 12 is rejected with the same rationale as applied against Claim 10 above.

Regarding Claim 27, it is a computer readable medium claim of above method claim 12 and therefore Claim 27 is rejected with the same rationale as applied against Claim 12 above.
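
As an added illustration (not code from the application, Leavy or Benson), the scheme recited in Claims 1 and 10 can be sketched as follows: one distributor ephemeral key pair, one content encryption key, and one encrypted key slot per recipient, looked up by a hash of the recipient public key. The pure-Python X25519 ladder, the HMAC-based stand-in cipher, the packet field names and all function names are assumptions chosen so the sketch runs on the standard library alone; signing and verification of keys and of the data structure are left out.

```python
import hashlib
import hmac
import os

P = 2**255 - 19                      # Curve25519 field prime (RFC 7748)
A24 = 121665
BASE = (9).to_bytes(32, "little")    # X25519 base point


def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder. Not constant time: illustration only."""
    kb = bytearray(k)
    kb[0] &= 248
    kb[31] = (kb[31] & 127) | 64
    n = int.from_bytes(kb, "little")
    x1 = (int.from_bytes(u, "little") & ((1 << 255) - 1)) % P
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = (x3 - z3) * a % P, (x3 + z3) * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def hkdf(secret: bytes, info: bytes, length: int = 64) -> bytes:
    """HKDF-SHA256 (RFC 5869) with an all-zero salt."""
    prk = hmac.new(bytes(32), secret, hashlib.sha256).digest()
    okm, block, i = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm += block
        i += 1
    return okm[:length]


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, b"".join(blocks)))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in authenticated cipher (encrypt-then-MAC); use a vetted AEAD in practice."""
    k, nonce = hkdf(key, b"seal"), os.urandom(16)
    ct = _xor_stream(k[:32], nonce, plaintext)
    return nonce + ct + hmac.new(k[32:], nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    k, nonce, ct, tag = hkdf(key, b"seal"), blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(k[32:], nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor_stream(k[:32], nonce, ct)


def key_id(pub: bytes) -> str:
    """Public key hash a recipient uses to find its own key slot."""
    return hashlib.sha256(pub).hexdigest()[:16]


def slot_key(shared: bytes, recipient_pub: bytes) -> bytes:
    if shared == bytes(32):          # all-zero output means a low-order public key
        raise ValueError("invalid public key")
    return hkdf(shared, b"key-slot" + recipient_pub, 32)


def distribute(content: bytes, recipient_pubs: list) -> dict:
    """Distributor side: build the data structure for the given recipients."""
    eph_priv = os.urandom(32)        # distributor ephemeral private key
    cek = os.urandom(32)             # content encryption key
    slots = {key_id(pub): seal(slot_key(x25519(eph_priv, pub), pub), cek)
             for pub in recipient_pubs}
    packet = {"distributor_pub": x25519(eph_priv, BASE),
              "slots": slots,
              "content": seal(cek, content)}
    del eph_priv, cek                # drop references; Python cannot guarantee erasure
    return packet


def receive(packet: dict, recipient_priv: bytes) -> bytes:
    """Recipient side: recreate the shared secret, open own slot, decrypt content."""
    pub = x25519(recipient_priv, BASE)
    slot = packet["slots"].get(key_id(pub))
    if slot is None:
        raise KeyError("no key slot for this recipient")
    shared = x25519(recipient_priv, packet["distributor_pub"])
    return unseal(unseal(slot_key(shared, pub), slot), packet["content"])
```
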

Regarding Claim 5, rejection of Claim 3 is included and for the same motivation Leavy teaches,
A method according to claim 3 further comprising associating, in the data structure, each encrypted per-recipient key slots with a recipient key ID or public key hash so that a recipient can identify their own encrypted per-recipient key slot. (¶49, “a hash of the receiver's username, a hash of the receiver's application identifier”, ¶58, “The shared secret and the receiving device's application identifier are inputted into a key derivation function to derive the KEK. By encrypting the random message encryption key with the KEK, the encrypted message is effectively bound to the receiver's secure collaboration application”, i.e. recipient can identify their own encrypted per-recipient key slot).

Regarding Claim 6, rejection of Claim 3 is included and for the same motivation Leavy teaches,
A method according to claim 3 further comprising one or more of signing the data structure with a distributor long-term private key and signing one or more parts of the data structure at the distributor for later verification at a recipient. (¶59, Fig. 3B(350), “the first device's secure collaboration application calculates a packet signature. In some examples, the packet signature is an HMAC-based signature derived from the encrypted message and header information”, Fig. 4(410), ¶61, “Receiving the serialized packet may include retrieving the serialized packet from the secure communication platform in response to receiving an alert or notification. Once received, the first device may verify the packet signature included in the serialized packet”).

Regarding Claim 7, rejection of Claim 3 is included and for the same motivation Leavy teaches,
A method according to claim 3 further comprising creating two or more [data structures] comprising different subsets of the encrypted per-recipient key slots and forwarding each [data structure] to a recipient corresponding to one of the encrypted per-recipient key slots in its respective subset of encrypted content keys. (¶58, “the first device's secure collaboration application calculates a key-encrypting key (KEK) for each receiving device”, “The shared secret and the receiving device's application identifier are inputted into a key derivation function to derive the KEK. By encrypting the random message encryption key with the KEK, the encrypted message is effectively bound to the receiver's secure collaboration application”, “Block 335 may be repeated for each of the one or more receivers' devices”, Fig. 3B(345), “In block 345, the message key is encrypted using the derived KEK for each of the receiving devices”, Fig. 3B (355), ¶59, “In block 355, the first device's secure collaboration application transmits the serialized packet to the secure communication platform for distribution to the one or more receiving devices”, i.e. Examiner submits that each receiving device indicates that different subsets of encrypted per-recipient key slots are generated and transmitted).
Leavy does not teach explicitly,
A method according to claim 3 further comprising [creating two or more] data structures [comprising different subsets of the encrypted per-recipient key slots and forwarding each] data structure [to a recipient corresponding to one of the encrypted per-recipient key slots in its respective subset of encrypted content keys].
However, Benson teaches,
A method according to claim 3 further comprising [creating two or more] data structures (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6,  CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory creates and stores the structure) [comprising different subsets of the encrypted per-recipient key slots and forwarding each] data structure (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6,  CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory creates and stores the structure) [to a recipient corresponding to one of the encrypted per-recipient key slots in its respective subset of encrypted content keys].

Regarding Claim 9, rejection of Claim 3 is included and for the same motivation Leavy teaches,
A method according to claim 3 further comprising verifying each recipient trusted ephemeral public key using an associated recipient long-term public key also retrieved from the repository. (Fig. 3A (315, 320), ¶55, “In block 315, the first device's secure collaboration application retrieves a signed ephemeral public key and its associated unique identifier”, ¶56, “In block 320, the first device's secure collaboration application validates the signature chain for each ephemeral public key received from the secure communication platform”).

Regarding Claim 14, rejection of Claim 12 is included and for the same motivation Leavy teaches,
A method according to claim 12 further comprising forwarding [the data structure] to another recipient corresponding to one of the encrypted per-recipient key slots. (Fig. 3B (355), ¶59, “In block 355, the first device's secure collaboration application transmits the serialized packet to the secure communication platform for distribution to the one or more receiving devices”, Fig. 4(420), ¶62, “the secure collaboration application on the first device uses its application identifier to retrieve the encrypted message key and the unique identifier of the first device's ephemeral key pair from the received serialized packet in block 420”, i.e. based on received application identifier, key slots are derived and transmitted to recipient)
Leavy does not teach explicitly,
A method according to claim 12 further comprising [forwarding] the data structure [to another recipient corresponding to one of the encrypted per-recipient key slots].
However, Benson teaches,
A method according to claim 12 further comprising [forwarding] the data structure (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6,  CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory creates and stores the structure)  [to another recipient corresponding to one of the encrypted per-recipient key slots].

Regarding Claim 16, rejection of Claim 12 is included and for the same motivation Leavy teaches,
A method according to claim 12 further comprising: creating a further recipient public private key pair and sending the further recipient public key to the repository; (¶46, “platform 120 may designate one of the keys in a pool of ECDH public keys received from a user of a device as a “reserve” key”, Fig. 2(204), ¶49, “Memory 204 may also store a plurality of ephemeral keys received from a second user”, Fig. 2(212), ¶52, “Crypto accelerator 212 may be dedicated hardware, software, firmware, or any combination thereof that is configured to perform cryptographic operations, such as key generation”, ¶55, “the first device's secure collaboration application may retrieve the signed ephemeral public key and its associated unique identifier for each of the receiving devices from the secure communication platform 120”, i.e. each recipient creates a private/public key pair, ¶46, “platform 120 may designate one of the keys in a pool of ECDH public keys received from a user of a device as a “reserve” key”, Fig. 2(204), ¶49, “Memory 204 may also store a plurality of ephemeral keys received from a second user”, Fig. 2(212), ¶52, “Crypto accelerator 212 may be dedicated hardware, software, firmware, or any combination thereof that is configured to perform cryptographic operations, such as key generation”, ¶55, “the first device's secure collaboration application may retrieve the signed ephemeral public key and its associated unique identifier for each of the receiving devices from the secure communication platform 120”, i.e. that each recipient creates a private/public key pair and makes the public key available via memory indicates that the recipient’s public key is sent to the memory (repository))
and signing the recipient trusted ephemeral public key (DEKpublic) with the further recipient private key before sending whereby the recipient trusted ephemeral public key can be verified using the further recipient public key. (Fig. 3A(320), ¶56, “In block 320, the first device's secure collaboration application validates the signature chain for each ephemeral public key received from the secure communication platform. In this regard, the signature of the ephemeral public key is authenticated according to a signature verification algorithm, such as ECDSA, using the second public key”).

Regarding Claim 19, rejection of Claim 12 is included and for the same motivation Leavy teaches,
A method according to claim 12 further comprising verifying the signed [data structure] with the distributor public key. (Fig. 4(410), ¶61, “Receiving the serialized packet may include retrieving the serialized packet from the secure communication platform in response to receiving an alert or notification. Once received, the first device may verify the packet signature included in the serialized packet”).
Leavy does not teach explicitly,
A method according to claim 12 further comprising [verifying the signed] data structure [with the distributor public key].
However, Benson teaches,
A method according to claim 12 further comprising [verifying the signed] data structure (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6, CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory creates and stores the structure) [with the distributor public key].

Claims 4 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Leavy et al. (US PGPUB. # US 2020/0259640, hereinafter “Leavy”), and further in view of Benson et al. (US PAT. # US 10,965,474, hereinafter “Benson”), and further in view of Bowman et al. (EP PUB. # EP 3291482, hereinafter “Bowman”).

Regarding Claim 4, rejection of Claim 3 is included, and the combination of Leavy and Benson does not teach explicitly,
A method according to claim 3 further comprising discarding the distributor ephemeral private key and/or the recipient trusted ephemeral public key after shared secret generation.
However, Bowman teaches,
A method according to claim 3 further comprising discarding the distributor ephemeral private key and/or the recipient trusted ephemeral public key after shared secret generation. (¶35, “The primary ephemeral private key can be deleted after the shared secret has been generated”, Examiner submits that there is an “or” in the claim, which requires only one limitation to be cited).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Bowman with the invention of Leavy in view of Benson.
Leavy in view of Benson teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys and creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Bowman teaches deleting the ephemeral private key after generating a shared secret. Therefore, it would have been obvious to incorporate the deleting of the ephemeral private key after generating a shared secret of Bowman into the teachings of Leavy in view of Benson to protect encrypted data by deleting the first ephemeral private key.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 20, rejection of Claim 12 is included, and the combination of Leavy and Benson does not teach explicitly,
A method according to claim 12 further comprising one or more of discarding the distributor ephemeral public key and/or the recipient shared secret after use or as indicated by data structure metadata and discarding the distributor ephemeral private key after creating the content encryption key.
However, Bowman teaches,
A method according to claim 12 further comprising one or more of discarding the distributor ephemeral public key and/or the recipient shared secret after use or as indicated by data structure metadata (¶10, “The shared secret and the secret key are deleted after the next secret key is generated”, ¶58, “The primary ephemeral public key can be deleted after the primary shared secret is generated”) and discarding the distributor ephemeral private key after creating the content encryption key. (¶35, “The primary ephemeral private key can be deleted after the shared secret has been generated”, Examiner submits that there is an “or” in the claim, which requires only one limitation to be cited).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Bowman with the invention of Leavy in view of Benson.
Leavy in view of Benson teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys and creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Bowman teaches deleting the ephemeral private key after generating a shared secret. Therefore, it would have been obvious to incorporate the deleting of the ephemeral private key after generating a shared secret of Bowman into the teachings of Leavy in view of Benson to protect encrypted data by deleting the first ephemeral private key.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Leavy et al. (US PGPUB. # US 2020/0259640, hereinafter “Leavy”), and further in view of Benson et al. (US PAT. # US 10,965,474, hereinafter “Benson”), and further in view of Sean Walton (US PAT. # US 9,563,418, hereinafter “Walton”).

Regarding Claim 13, rejection of Claim 12 is included, and the combination of Leavy and Benson does not teach explicitly,
A method according to claim 12 further comprising updating the recipient with the content.
However, Walton teaches,
A method according to claim 12 further comprising updating the recipient with the content. (Fig. 6(610, 660), CL(12), LN(13-15), “at operation 610, the method may include receiving and decrypting an update package 400 from a software update server 150”,  CL(13), LN(4-18), “executing the repair modules 412, 418 may include replacing damaged data and files with undamaged replacement data and files”, i.e. receiver device is updated).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Walton with the invention of Leavy in view of Benson.
Leavy in view of Benson teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys and creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Walton teaches updating the content of a receiving device by decrypting received encrypted content. Therefore, it would have been obvious to incorporate the updating of the content of a receiving device by decrypting received encrypted content of Walton into the teachings of Leavy in view of Benson to securely receive content to keep the endpoint running securely.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 


Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Leavy et al. (US PGPUB. # US 2020/0259640, hereinafter “Leavy”), and further in view of Benson et al. (US PAT. # US 10,965,474, hereinafter “Benson”), and further in view of Helms et al. (US PGPAT. # US 10,848,806, hereinafter “Helms”).

Regarding Claim 15, rejection of Claim 12 is included, and Leavy teaches,
A method according to claim 12 further comprising [duplicating the data structure comprising a subset] of the encrypted per-recipient key slots (Fig. 3B(355), ¶59, “In block 355, the first device's secure collaboration application creates a serialized packet that includes the encrypted message, the ephemeral public key that the first device's secure collaboration application generated in block 330, the one or more unique identifiers for the receiver's ephemeral public key, the one or more encrypted message encryption keys, and the packet signature”, i.e. Examiner submits that the first device’s ephemeral public key is considered as the distributor ephemeral public key, and the one or more unique identifiers for the receiver’s ephemeral public key are considered as the per-recipient key slots) and forwarding [the duplicated data structure] to a recipient corresponding to one of the encrypted per-recipient key slots in the subset. (Fig. 3B(355), ¶59, “In block 355, the first device's secure collaboration application transmits the serialized packet to the secure communication platform for distribution to the one or more receiving devices”).
Combination of Leavy and Benson does not teach explicitly,
A method according to claim further comprising duplicating the data structure comprising a subset [of the encrypted per-recipient key slots and forwarding] the duplicated data structure [to a recipient corresponding to one of the encrypted per-recipient key slots in the subset].
However, Helms teaches,
A method according to claim further comprising duplicating the data structure comprising a subset (CL(7), LN(16-37), “enable the first computerized client device to transmit to the second computerized client device via the content delivery network: (i) a copy of at least a portion of the media data structure containing the protected digital data content”, i.e. portion of the media data structure indicates that the data structure is a subset of the data structure and copied indicates that it is duplicated, Claim 1, “(i) a copy of at least a portion of the media data structure containing the protected digital data content”)  [of the encrypted per-recipient key slots and forwarding] the duplicated data structure (CL(7), LN(16-37), “enable the first computerized client device to transmit to the second computerized client device via the content delivery network: (i) a copy of at least a portion of the media data structure containing the protected digital data content”, i.e. portion of the media data structure indicates that the data structure is a subset of the data structure and copied indicates that it is duplicated, Claim 1, “(i) a copy of at least a portion of the media data structure containing the protected digital data content”)  [to a recipient corresponding to one of the encrypted per-recipient key slots in the subset].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Helms with the invention of Leavy in view of Benson.
Leavy in view of Benson teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys and creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Helms teaches copying a portion of the data structure and sending it to a receiver. Therefore, it would have been obvious to incorporate the copying of a portion of the data structure and sending it to a receiver of Helms into the teachings of Leavy in view of Benson to customize the content for an individual.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Leavy et al. (US PGPUB. # US 2020/0259640, hereinafter “Leavy”), and further in view of Benson et al. (US PAT. # US 10,965,474, hereinafter “Benson”), and further in view of Radia J. Perlman (US PGPUB. # US 2002/0191797, hereinafter “Perlman”).

Regarding Claim 18, rejection of Claim 12 is included, and the combination of Leavy and Benson does not teach explicitly,
A method according to claim 12 further comprising including an expiration value of recipient trusted ephemeral public key with the recipient trusted ephemeral public key whereby the recipient no longer wants encrypted content that uses that recipient trusted ephemeral public key when the expiration value has been exceeded.
However, Perlman teaches,
A method according to claim 12 further comprising including an expiration value of recipient trusted ephemeral public key with the recipient trusted ephemeral public key whereby the recipient no longer wants encrypted content that uses that recipient trusted ephemeral public key when the expiration value has been exceeded. (¶12, “Each ephemeral key is associated with an expiration time”, ¶15, “The first node then encrypts the first secret key with a public key associated with the second node and further encrypts the resulting string with an ephemeral public key having a desired expiration time to form an ephemeral key string”, Fig. 1, ¶31, ¶39, “once the ephemeral key expires, Node B 162 loses the ability to have to have SK1 decrypted by the ephemerizer 164 and decryption of the encrypted information message is thwarted”).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Perlman with the invention of Leavy in view of Benson.
Leavy in view of Benson teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys and creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Perlman teaches ephemeral keys having an expiration time. Therefore, it would have been obvious to incorporate the ephemeral keys having an expiration time of Perlman into the teachings of Leavy in view of Benson to prevent an attacker from decrypting confidential data with the expired keys.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 


Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Leavy et al. (US PGPUB. # US 2020/0259640, hereinafter “Leavy”), and further in view of Benson et al. (US PAT. # US 10,965,474, hereinafter “Benson”), and further in view of Vaudenay, JR. et al (US PGPUB. # US 2017/0034138, hereinafter “Vaudenay”).

Regarding Claim 22, rejection of Claim 12 is included, and Leavy does not teach explicitly,
A method according to claim 12 wherein the data structure comprises a reference to the signed certificate chain containing the recipient trusted ephemeral public key or the signed cryptographic hash of the recipient trusted ephemeral public key or the signed cryptographic hash of the certificate chain containing the recipient trusted ephemeral public key so that the recipient can fetch the recipient trusted ephemeral public key to confirm validity.
However, Benson teaches,
A method according to claim 12 wherein the data structure (Fig. 3, CL(10), LN(40-42), “FIG. 3 illustrates examples of data structures stored during the registration process for an associated security device”, Fig. 6, CL(14), LN(53-55), i.e. Examiner submits that a data structure is stored during a registration process indicates that a data structure factory creates and stores the structure) [comprises a reference to the signed certificate chain containing the recipient trusted ephemeral public key or the signed cryptographic hash of the recipient trusted ephemeral public key or the signed cryptographic hash of the certificate chain containing the recipient trusted ephemeral public key so that the recipient can fetch the recipient trusted ephemeral public key to confirm validity].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Benson with the invention of Leavy.
Leavy teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys. Benson teaches creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Therefore, it would have been obvious to combine the creating of a data structure utilizing a data structure factory for authenticating a secure device for decrypting data of Benson with the securely communicating of encrypted data by generating a shared secret utilizing ephemeral public keys of Leavy, for a target device to follow the data structure to retrieve the correct key(s) for decryption.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Leavy and Benson does not teach explicitly,
A method according to claim 12 wherein [the data structure] comprises a reference to the signed certificate chain containing the recipient trusted ephemeral public key or the signed cryptographic hash of the recipient trusted ephemeral public key or the signed cryptographic hash of the certificate chain containing the recipient trusted ephemeral public key so that the recipient can fetch the recipient trusted ephemeral public key to confirm validity.
However, Vaudenay teaches,
A method according to claim 12 wherein [the data structure] comprises a reference to the signed certificate chain containing the recipient trusted ephemeral public key or the signed cryptographic hash of the recipient trusted ephemeral public key (Fig. 5, ¶28, “The key s is calculated at B by a hash function H(g, pk, epk, epk.sup.sk, N) of the argument which combine, e.g. concatenates, g, pk, epk, epks.sup.k, N.”, i.e. Examiner submits that Node B is considered as the receiver and Node B’s ephemeral public key is hashed. The claim uses “or”, which requires only one limitation to be cited) or the signed cryptographic hash of the certificate chain containing the recipient trusted ephemeral public key so that the recipient can fetch the recipient trusted ephemeral public key to confirm validity.
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Vaudenay with the invention of Leavy in view of Benson.
Leavy in view of Benson teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys and creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Vaudenay teaches hashing of the receiver’s ephemeral public key. Therefore, it would have been obvious to incorporate the hashing of the receiver’s ephemeral public key of Vaudenay into the teachings of Leavy in view of Benson to generate a session key for secure communication between two devices.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Leavy et al. (US PGPUB. # US 2020/0259640, hereinafter “Leavy”), and further in view of Benson et al. (US PAT. # US 10,965,474, hereinafter “Benson”), and further in view of Lu et al. (US PGPUB. # US 2019/0097818, hereinafter “Lu”).

Regarding Claim 23, rejection of Claim 10 is included, and the combination of Leavy and Benson does not teach explicitly,
A method according to claim 10 further signing the recipient trusted ephemeral public key using a private key.
However, Lu teaches,
A method according to claim 10 further signing the recipient trusted ephemeral public key using a private key. (¶64, “The appliance may generate appliance key pair 265 and derive an appliance ephemeral key pair 266 (e.g., an appliance ephemeral private key 268 and an appliance ephemeral public key 270), signed by the private user root key 262”, i.e. appliance (recipient) ephemeral public key is signed with a private key).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Lu with the invention of Leavy in view of Benson.
Leavy in view of Benson teaches securely communicating encrypted data by generating a shared secret utilizing ephemeral public keys and creating a data structure utilizing a data structure factory for authenticating a secure device for decrypting data. Lu teaches signing an appliance ephemeral public key with a private key. Therefore, it would have been obvious to incorporate the signing of an appliance ephemeral public key with a private key of Lu into the teachings of Leavy in view of Benson so the ephemeral public key can be validated.
KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Claims 2, 8, 11, 17, 21, 24-25: Canceled


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Wall et al. (US PGPUB. # US 2018/0316495) discloses, an orthogonal access control system based on cryptographic operations provided by multi-hop proxy re-encryption (PRE) that strictly enforces only authorized access to data by groups of users, scalable to large numbers of users. Scalable delegation of decryption authority can be shared with a plurality of members of a group whether those members be users or devices, and members of a group can further create sub groups and delegate decryption authority to those members, whether users or devices. Members are granted access via generation of transform keys, and membership or access can be revoked merely by deleting the transform key—no elimination of the encrypted data, regardless of its storage location, is needed.
Graubner et al. (US PGPUB. # US 2017/0054691) discloses, a communication device for performing encrypted communication with at least one further communication device in a communication network is provided. Advantageously, the device is adapted to communicate with a plurality of further communication devices. The communication device comprises a communication unit and a cryptographic unit. Moreover it comprises a key encryption key generator configured to generate at least one key encryption key jointly with the at least further communication device, using the communication unit. Also, it comprises a traffic encryption key generator configured to generate a traffic encryption key, specific to the communication device, for encrypting traffic data by the communication device. The cryptographic unit is preferably configured to encrypt the traffic encryption key using the at least one key encryption key. Moreover, the communication unit is preferably configured to transmit the encrypted traffic encryption key to the at least one further communication device.
Le Saint et al. (WIPO PUB. # WO 2017/004466) discloses, a method for confidentially and securely provisioning data to an authenticated user device. A user device may register an authentication public key with an authentication server. The authentication public key may be signed by an attestation private key maintained by the user device. Once the user device is registered, a provisioning server may send an authentication request message including a challenge to the user device. The user device may sign the challenge using an authentication private key corresponding to the registered authentication public key, and may return the signed challenge to the provisioning server. In response, the provisioning server may provide provisioning data to the user device. The registration, authentication, and provisioning process may use public key cryptography while maintaining confidentiality of the user device, the provisioning server, and the authentication server.
Ian Curry (US PGPUB. # US 2003/0172262) discloses, an apparatus, such as a secure distribution server, receives encrypted information from a sender, wherein the encrypted information is for transmission to a plurality of intended recipients. In addition to the encrypted information, the method includes receiving an encrypted secret key that is encrypted using a public key associated with the secure distribution server. The method and apparatus decrypts the encrypted secret key to produce a decrypted secret key. The method and apparatus then encrypts the decrypted secret key with the corresponding public key of at least one (or each of a plurality of) intended recipient(s) to produce at least one (or plurality of) recipient-specific secure secret keys. The method and apparatus then forwards the received encrypted information sent by the sender and also sends at least one recipient-specific secure secret key to a corresponding intended recipient. 
Alwen et al. (US PAT. # US 10,855,440) discloses, a non-transitory computer-readable medium for generating new keys during a secure communication session. A key derivation function is operatively connected to both a counter and a memory. The key derivation function generates new key material from a first input and a second input in response to a signal provided by the counter. The key derivation function generates the new key material and outputs it to the memory.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/          Primary Examiner, Art Unit 2498