Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Election/Restrictions
During a telephone conversation with David Smith on 7/1/2022 a provisional election was made without traverse to prosecute the invention of species II, claims 3-4, 6, 9-10 and 12.  Affirmation of this election must be made by applicant in replying to this Office action.  Claims 2 and 8 are withdrawn from further consideration by the examiner, 37 CFR 1.142(b), as being drawn to a non-elected invention.

Claims 1, 5, 7 and 11 are generic to the following disclosed patentably distinct species:
Claims 2 and 8 (Fig. 8), directed to a central server (second network node) with multiple remote clients (first and third network nodes) quantum key distribution system and method with the exclusive limitations:
A second quantum key derived from a third quantum key
A third network node
Second encrypted data… encrypted using the first quantum key and the third quantum key
Claims 3-4, 6, 9-10 and 12 (Fig. 7), directed to a client (first network node) to server (second network node) quantum key distribution system and method with the exclusive limitation:
A key management layer of the first network node (first client)
The species are independent or distinct because as disclosed the different species have mutually exclusive characteristics for each identified species. In addition, these species are not obvious variants of each other based on the current record.
Applicant is required under 35 U.S.C. 121 to elect a single disclosed species, or a single grouping of patentably indistinct species, for prosecution on the merits to which the claims shall be restricted if no generic claim is finally held to be allowable.
There is a search and/or examination burden for the patentably distinct species as set forth above because at least the following reason(s) apply: 
The species or groupings of patentably indistinct species require a different field of search (e.g., searching different classes/subclasses or electronic resources, or employing different search strategies or search queries).
Applicant is advised that the reply to this requirement to be complete must include (i) an election of a species or a grouping of patentably indistinct species to be examined even though the requirement may be traversed (37 CFR 1.143) and (ii) identification of the claims encompassing the elected species or grouping of patentably indistinct species, including any claims subsequently added. An argument that a claim is allowable or that all claims are generic is considered nonresponsive unless accompanied by an election.
The election may be made with or without traverse. To preserve a right to petition, the election must be made with traverse. If the reply does not distinctly and specifically point out supposed errors in the election of species requirement, the election shall be treated as an election without traverse. Traversal must be presented at the time of election in order to be considered timely. Failure to timely traverse the requirement will result in the loss of right to petition under 37 CFR 1.144. If claims are added after the election, applicant must indicate which of these claims are readable on the elected species or grouping of patentably indistinct species.
Should applicant traverse on the ground that the species, or groupings of patentably indistinct species from which election is required, are not patentably distinct, applicant should submit evidence or identify such evidence now of record showing the species to be obvious variants or clearly admit on the record that this is the case. In either instance, if the examiner finds one of the species unpatentable over the prior art, the evidence or admission may be used in a rejection under 35 U.S.C. 103 or pre-AIA 35 U.S.C. 103(a) of the other species.
Upon the allowance of a generic claim, applicant will be entitled to consideration of claims to additional species which depend from or otherwise require all the limitations of an allowable generic claim as provided by 37 CFR 1.141.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 3-7, and 9-12 are rejected under 35 U.S.C. 102(a)(1) as anticipated by Ouafi (EP 3432509 A1), hereinafter Ouafi.

	Regarding claim 1, Ouafi discloses a method at a first network node (Fig. 2 Node A) comprising a protocol stack (Fig. 2 #1100-1200) and a quantum key distribution client (Fig. 2 #2510) distinct from the protocol stack, the method comprising:
receiving, by the quantum key distribution client, a first quantum key ([0052] “encryption key distributed by the quantum key distribution system”) and a first quantum key identifier ([0053] “key identifier”) from a second network node; (Fig. 2 Node B) 
transferring the first quantum key and the first quantum key identifier from the quantum key distribution client of the first network node to the protocol stack of the first network node; ([0052-0053]; [0055] “This advantageously allows the quantum key distribution system 2510 to operate and exchange data with the upper OSI layer 1100... the applications running at those OSI layers can then directly communicate with the quantum key distribution system 2510 in order to gain access to the information related to the encryption keys stored in the quantum key distribution system 2510.”) 
and communicating, by an encryption protocol of the protocol stack ([0056] “Transport Layer Security protocol”), encrypted data with the second network node, wherein the encrypted data is encrypted using the first quantum key and comprises an indication of the first quantum key identifier. ([0100] “The "qsk_key_share" field can be used for communicating the quantum encryption keys identifiers between the quantum key distribution system 2510, 4510 and the node A, B, C connected to it, as well as between any two nodes A, B, C.”; [0106] “… the node A can send encrypted data, using a key computed in the same way as specified before, along with the original and additional data and parameters.”) 

	Regarding claim 3, Ouafi discloses the method of claim 1, wherein transferring the first quantum key and the first quantum key identifier comprises:
transferring the first quantum key and the first quantum key identifier from the quantum key distribution client of the first network node to a key management layer of the first network node; (Fig. 2 #1100; [0080] “exchanging the key information comprises exchanging the key information between the first quantum key distribution system 2510, 4510 and the first node A by an application running in at least one upper OSI layer 1100 of the first node A.”)
and storing the first quantum key and the first quantum key identifier at a server associated with the key management layer, wherein communicating encrypted data with the second network node is based at least in part on the storing. ([0083-0084])
It is noted, the term “server” can reasonably refer to the second network node, as the relationship between the first and second network nodes is a client-server relationship. Ouafi also discloses, for Fig. 2, that the QKD systems 2510 are separate but coupled through a physical channel 2700 to nodes A and B at [0048]. Therefore, nodes A and B taught by Ouafi may be considered servers within their local networks.

	Regarding claim 4, Ouafi discloses the method of claim 1, further comprising: 
transmitting, by a key management layer of the first network node (Fig. 2 #1100, [0080]), a request for the first quantum key to a corresponding key management layer of the second network node, wherein receiving the first quantum key by the quantum key distribution client of the first network node is based at least in part on transmitting the request. ([0086] “… node B informs node A on the key selected for the establishment of the encrypted channel, by selecting one encryption key among those identified by the key information received from the node A. This can be achieved by node B by sending a respective key information to node A.”)

	Regarding claim 5, Ouafi discloses the method of claim 1, wherein communicating encrypted data with the second network node further comprises:
identifying data for transmission to the second network node; ([0052-0053])
encrypting, by the encryption protocol of the protocol stack, the data for transmission to the second network node using the first quantum key; and transmitting, by the encryption protocol of the protocol stack, the encrypted data and the indication of the first quantum key identifier to the second network node. ([0080]; [0100]; [0106])
It is noted, transmitting or sending the “encrypted” data necessarily means the data is encrypted prior to the transmitting. In this case, the “encrypting” step is part of the TLS protocol, mentioned in the above citation. In further support, Gero et al. (WO 2016/073552 A1), provides a more in-depth description of the TLS protocol on Page 1 of the specification and Fig. 5, whereby the data is encrypted using a symmetric cipher and session key that is established during the handshake protocol portion of the TLS protocol. Ouafi discloses that the session keys may be replaced, in part, or entirely by the quantum keys [0090].

	Regarding claim 6, Ouafi discloses the method of claim 1, wherein communicating encrypted data with the second network node further comprises:
receiving, by the encryption protocol of the protocol stack, encrypted data from the second network node, wherein the encrypted data comprises the indication of the first quantum key identifier; ([0080]; [0100]; [0106])
retrieving, by the encryption protocol of the protocol stack, the first quantum key from a server associated with a key management layer of the first network node (Fig. 2 #1100, [0080]) based at least in part on the indication of the first quantum key identifier; ([0052-0053]; [0055])
and decrypting, by the encryption protocol of the protocol stack, the encrypted data using the first quantum key based at least in part on retrieving the first quantum key. ([0005] “When node A and node B intend to exchange encrypted information over physical channel 1400 the encryption can be achieved at any OSI layer within each node… the receiving node must be capable of decrypting the encrypted information...”; [0090])

Regarding claims 7 and 9-12, the limitations are substantially similar to that of claims 1 and 3-6. Therefore, claims 7 and 9-12 are rejected on similar grounds as claims 1 and 3-6, respectively.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Gero et al. (WO 2016/073552 A1) – Regarding an infrastructure delivery platform that provides a proxy service as an enhancement to the TLS/SSL protocol to off-load to an external server the generation of a digital signature, the digital signature being generated using a private key that would otherwise have to be maintained on a terminating server.
Fu et al. (US-PGPUB 2017/0338951 A1) - Regarding a system and method for establishing a secure communication channel between a client and a server.
Voltz et al. (US-PGPUB 2008/0031459 A1) – Regarding methods and systems for securing communications between networked computer agents in a positively identifiable manner, using a centralized arbitration computer agent that acts as a trusted third party to store and manage user agent identities.
Yagi et al. (US-PGPUB 2006/0136714 A1) – Regarding a client and a server having a pattern table. The client reads a public key from the pattern table to encrypt data. The client adds a pattern number corresponding to the public key used for encryption to the encrypted data, and transmits the encrypted data to the server.
Elboukhari, Mohamed et al. “Integration of Quantum Key Distribution in the TLS Protocol.” IJCSNS International Journal of Computer Science and Network Security, VOL.9 No.12, (2009).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA NEIL GONZALES whose telephone number is (571)272-0286. The examiner can normally be reached 10:00 AM-7:00 PM ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached on (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/J.N.G./Examiner, Art Unit 2496
/TAE K KIM/Primary Examiner, Art Unit 2496