DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is responding to the Request for Continued Examination (RCE) dated on June 17, 2022.
Claims 1-11 and 13 are allowed.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on June 17, 2022 has been entered.

Allowable Subject Matter
Claims 1-11 and 13 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance.
Independent Claim 1 is allowable based on the amendment presented on June 17, 2022.
Specifically, the independent Claim 1 now recites limitations as follows:
“A protection method for protecting a first cryptographic key, a user having an identifier and an associated password provided by the user, said first cryptographic key being intended to decrypt at least one ciphertext, said method, implemented by a user device, comprising: 
generating a second cryptographic key by applying a key derivation algorithm to at least the password; 
encrypting the first cryptographic key by applying an encryption algorithm parameterized by the second cryptographic key; 
calculating a result of an application of a function to at least one answer associated with a question, the answer being obtained from the user; and
providing to a management device for storage: 
the ciphertext of said first cryptographic key; and 
at least one value dependent on said result of the application of the
function to at least one answer associated with the question, wherein said value provided by the user device to the management device for storage allows the user device to retrieve the password provided by the user when the user device has the answer to said question”.

The cited reference by Mahajan et al. (US PGPPUB. # US 2015/0134962) discloses, a user device may thereafter encrypt the generated private key using a key derivation function and password provided by user 301 in connection with create secure store input 305. Additionally, the user device may encrypt the generated private key using, in one embodiment, a string representing a concatenation of one or more user security questions provided in connection with the create secure store input 305. For example, if user 301 indicated in connection with create secure storage input 305, that their favorite color was blue and their high school mascot was an eagle, the user's private key may be encrypted using a key generated from lowercase concatenation of the two answers, e.g., concat ("blueeagle"), and/or the like. In other embodiments, the user may provide answers to multiple security questions and/or security questions in addition to those required to generate the encrypted private key. In such embodiments, the MBIN may facilitate the creation of multiple versions of the user's encrypted private key that may be decrypted utilizing various combination of the user's security question answers. For example, if a user provided or was requested to provide answers to three security questions (such as answers X, Y and Z), their private key may be encrypted utilizing multiple permutations of two security question answers, e.g., X+Y, X+Z, Y+Z, and/or the like. In so doing, the user may later be able to decrypt their security answer encrypted private key using less than all of the answers to the security questions provided by the user. This feature may allow a user to successfully retrieve their private key from an encrypted private key when they have forgotten or otherwise lost some of the information comprising one or more of the security answers utilized in generating the encrypted private key. Mahajan further discloses, the keys generated using the user's password and security question answers may thereafter, in one embodiment, by used to encrypt the user's private key. By encrypting the generated private key using information provided by and only known to user 301, the private key may be provided to one or more third parties such as MBIN server 302 while simultaneously not allowing said third parties access to the underlying private key such that they may decrypt objects encrypted using the generated public key. In so doing, the MBIN facilitates a mechanism by which one or more parties may encrypt data, e.g. using the generated public key, while simultaneously storing an encrypted copy of the private key corresponding to the used public key, and yet be unable to decrypt either the private key or the object encrypted using the public key. (¶41).
The reference by Timothy A. Lewis (US PGPUB. # US 2016/0241398) discloses, the present invention take advantage of a user's knowledge of a credential that was previously shared with the firmware to encrypt user data. This credential may be, but is not limited to, a password, data acquired from a fingerprint scan or data acquired from a retinal scan. Rather than asking the user for the credential and then comparing the credential to a previously stored version of the credential, embodiments derive a symmetric key from the input credential and attempt to decrypt the user's data (or a hash thereof) with the key. Symmetric keys may be used to both encrypt and decrypt data. Successful decryption indicates that the credential matches the credential previously used to encrypt the data and that the user is authenticated. Failed decryption indicates that the credential does not match and that the user is therefore not authenticated. Since decryption uses a symmetric key derived from the credential rather than performing a comparison with the stored credential, the credential itself is not stored in the firmware. This prevents snooping by an application or the physical direct reading of the flash device by an authorized entity to extract the credential. FIG. 1 is a block diagram depicting the interrelationship of credential providers, Lock Boxes and User Profiles in an embodiment of the present invention. Credential providers C1 (102) and C2 (104) are user credential drivers for handling a specific type of user credential. Lock Boxes A-D (110, 112, 114, 116) and user profiles (121, 124, 127) are data containers associated with a specific user that are accessible to executing firmware. These data containers are stored in non-volatile storage, which can include the ROM, a hard drive, etc. The data containers of the present invention include public (non-encrypted) and private (encrypted) portions. Lock Boxes hold symmetric encryption keys and are also associated with a specific type of user credential (e.g.: C1, C2). For example, Credential Provider C1 (102) may accept a first User 1 credential (100) such as a password via keyboard connected to a computing device. Meanwhile, Credential Provider C2 (104) may accept a second type of User 1 credential 101 such as a fingerprint via a fingerprint scanner. As will be explained further below, Credential Providers C1 (102) and C2 (104) respectively generate symmetric keys (KLA, KLB) based on the respective user credential 100, 101 being input. The Credential Provider is stored in tamper-proof non-volatile storage, where updates to the Provider are controlled in a secure manner, such as those provided by UEFI's Capsule Update mechanism. (¶23, Fig. 1, ¶24). The Lock Box public (unencrypted) data may contain one user identifier associated with a single User Profile that is constant, even across platform resets. The Lock Box public data also includes one or more User Credential Provider identifiers. Each identifier uniquely identifies a User Credential Provider. The Lock Box private (encrypted) data may contain a salt value and either another Lock Box container (in the case of multi-factor authentication which is discussed further below) or a User Profile symmetric key and an identifier specifying the type of key.  The User Profile data container may contain two sections: public (unencrypted) and private (encrypted). The public portion includes a unique identifier that can be used to associate a Lock Box with the User Profile. As one example, the unique identifier may be the User Identifier described in the UEFI specification. The public portion of the User Profile may also include items such as the user name, user privilege s and user identification policy. The private portion of the User Profile may include a known salt value that can be used to verify that decryption has been successful. For most cryptographic algorithms, the salt value should be as large as the encryption block size. The private portion of the User Profile may also include other keys such as those used in hard disk encryption which are used prior to boot and thus never exposed to other agents, and/or the user-name/password used for OS log-in, which may be stored in encrypted form using a separate public/private key pair. (¶27-¶28). FIG. 5 depicts an exemplary sequence of steps performed by an embodiment of the present invention to enable access to firmware services despite a lost user password. The sequence begins with the firmware receiving an indication of a lost user password (step 502). For example, when the user forgets their password, they may select a “Forgot password?” link or button which triggers the recovery sequence. One of the common means of recovering a password is to ask one or more security questions. If the user is able to enter the correct answer to the security questions, then the user is able to get into his/her User Profile and reset his/her password. In one embodiment, these security questions are encoded in the public portion of the user's User Profile. The firmware retrieves a security question from the public portion of the User Profile and conveys it to the user (step 504). The number of questions to present is a configurable policy. An answer to the question or questions is then received (step 506). The answer/answers to the question/questions are extended into a password (step 508) and a symmetric key is generated from the password (step 510). The firmware attempts to decrypt the private portion of an associated Lock Box holding a User Profile key that may be used to access the private portion of the User Profile container (step 512). If the decryption is successful (step 513), the retrieved User Profile key is used to attempt decryption of the private portion of the associated User Profile (step 514. If the attempt is successful (step 515), the user is allowed to access his or her authorized firmware services (step 516). (Fig. 5 (506. 508, 510), ¶35).
Xiaoyan Qian (US PGPUB. # US 2017/0142082) discloses, providing secure deposit and recovery of secret data based on a secret of a user, such as a password, a shared secret from a recovery server, and a secret from a recovery peer. The secret data is encrypted with these three secrets and stored remote from the user device to only allow the user to recover the secret data without compromising the secrecy of the secret data. Systems and methods for decoupling a password from the secret data the password protects is also provided to allow resetting the password or recovering the secret data to be separate operations that can be carried out independently. Another aspect provides for a user account to be securely recovered using a recovery peer to verify ownership of the user account. (Abstract).
Haider et al. (US PGPUB. # US 2018/0013562) discloses, securely share information among groups of users having various roles, such as doctors and patients. Confidential information may be encrypted client-side, with private keys that reside solely client side. Encrypted collections of data may be uploaded to, and hosted by, a server that does not have access to keys suitable to decrypt the data. Other users may retrieve encrypted data from the server and decrypt some or all of the data with keys suitable to gain access to at least part of the encrypted data. The system includes a key hierarchy with multiple entry points to a top layer by which access is selectively granted to various users and keys may be recovered. (Abstract).
Canetti et al. (US PGPUB. # US 2008/0049939) discloses a method for key creation and recovery based on solutions to puzzles solvable by humans and not computers. In some exemplary embodiments, the key is created and recovered based on the solution(s) in conjunction with the password entered by the user. The puzzle(s) is selected based on the password used by the user from a puzzle database containing multiple puzzles that is greater in number to the number of puzzles used in conjunction with a particular password. (Abstract).
Kamath et al. (US PGPUB. # US 2014/0140508) discloses, obtaining a user's username and password. A random key is generated for use as a master key. The master key is encrypted using the password to create an encrypted master key. A hash function is performed on the password to create a password hash. A random key is generated for use as a content key for encrypting the user's selected content. The content key is encrypted using the master key to create an encrypted content key. The selected content is encrypted using the content key to create encrypted content. The username, password hash, encrypted master key, first encrypted content key, and encrypted content is communicated to a server for storage in the user's account in which the possibility of decrypting at least the encrypted content by operations on the server is mitigated. (Abstract).
Estehghari et al. (US PGPUB. # US 2015/0304315) discloses, a method provide for shared access to a database in a semi-trusted platform. In the method, for each of a set of users, provision is made for regenerating a respective user key, based on a respective predefined user input, such as a hashed password. One or more of the users is authorized to have access to an encrypted database. For each of these, the method includes encrypting a key for the encrypted database with the respective user's user key to generate an encrypted database key. During a user session, one of the authorized users is provided with access to the encrypted database by decrypting the database key from the encrypted database key with the respective user's user key, and decrypting the database, from the encrypted database, with the database key. The database key and each user's user key are not stored on the platform and are thus inaccessible to platform administrators and unauthorized users between user sessions. (Abstract).
Marion et al. (US PAT. # US 9,634,999) discloses, a master key is secured using a password-based key to generate a first encryption information. The password-based key is generated based at least in part on a password associated with a mobile device. The master key is also secured using an unlock key to generate a second encryption information. The unlock key is stored at a server, and in certain cases is not stored on the mobile device. The first encryption information and the second encryption information are stored on the mobile device. The mobile device is configured to extract the master key from the first encryption information using the password. In the event that the master key is not extracted using the password, the mobile device is configured to extract the master key from the second encryption information using the unlock key received from the server. (Abstract).
However, each of the cited references or reference from the updated search, at least, fails to teach or suggest the limitations regarding “……calculating a result of an application of a function to at least one answer associated with a question, the answer being obtained from the user; and
providing to a management device for storage: 
the ciphertext of said first cryptographic key; and 
at least one value dependent on said result of the application of the
function to at least one answer associated with the question….”, in combination with the rest of the limitations recited in the independent claim(s).
None of the previous cited prior art references or reference(s) from the updated search yield any specific references that would reasonably, either singularly or in combination with previous cited reference, result a reasonable and proper rejection for each of the cited feature limitations of the independent claim 1 under 35 U.S.C. 102 or 35 U.S.C. 103 with proper motivation.
Claims 11 is a user device claim of above method claim 1 and Claim 13 is a management device claim of above method claim 1, and therefore, they are also allowed.
Claims 2-11 depend on the allowed claim 1, and therefore, they are also allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance".


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/Primary Examiner, Art Unit 2498