DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,958,415. Claims 1-20 of the instant application are anticipated by patent claims 1-20 in that claims 1-20 of the patent contain all the limitations of claims 1-20 of the instant application. Therefore, claims 1-20 of the application are not patently distinct from the earlier patent claims and as such is unpatentable for obvious-type double patenting.

US Application – 17/172,987
1. A method executed by one or more computing devices for searching polymorphically encrypted data, the method comprising: 













storing, by at least one of the one or more computing devices, one or more pseudonymous tokens in a data store, the one or more pseudonymous tokens being generated by encrypting a ciphertext using a first algorithm and an encryption key, the first algorithm comprising a polymorphic algorithm configured to generate a distinct pseudonymous token for each application of the polymorphic algorithm and the same encryption key to the same ciphertext; 
and identifying, by at least one of the one or more computing devices, data in the data store that corresponds to the ciphertext by querying the data store using a search token generated by encrypting the ciphertext using a second algorithm and the encryption key, the search token being distinct from the one or more pseudonymous tokens.

2. The method of claim 1, wherein identifying data in the data store that corresponds to the ciphertext by querying the data store using the search token generated by encrypting the ciphertext using the second algorithm and the encryption key comprises: 
applying one or more first transformations to one or more columns containing the one or more pseudonymous tokens to generate one or more transformed columns;
applying one or more second transformations to the search token to generate a transformed search token; 
and identifying one or more rows corresponding to the ciphertext based at least in part on the one or more transformed columns and the transformed search token.

3. The method of claim 2, wherein the identifying of the one or more rows corresponding to the ciphertext based at least in part on the one or more transformed columns and the transformed search token comprises:
comparing each transformed column value in the one or more transformed columns to the transformed search token using a matching function to identify one or more matching transformed column values; 
and identifying one or more rows containing the one or more matching transformed column values as corresponding to the ciphertext.

4. The method of claim 1, further comprising: 
displaying, by at least one of the one or more computing devices, a first result if the search token is matched with the one or more pseudonymous tokens of a plurality of pseudonymous tokens, the first result including a list of at least one pseudonymous tokens; 
and displaying, by at least one of the one or more computing devices, a different second result if the search token does not match with the one or more pseudonymous tokens of the plurality of pseudonymous tokens.
5. The method of claim 1, further comprising: 
modifying, by at least one of the one or more computing devices, the distinct pseudonymous token of the plurality of pseudonymous tokens by adding a respective one of one or more pseudo random permutation (PRP) seeds in the distinct pseudonymous token.

6. The method of claim 5, further comprising: 
encrypting, by at least one of the one or more computing devices, the respective one of the one or more PRP seeds using a different third algorithm and the encryption key, wherein the adding the respective one of the one or more PRP seeds includes adding the respective PRP seed either before or after the distinct pseudonymous token.

7. The method in claim 6, further comprising: 
encrypting, by at least one of the one or more computing devices, the one or more PRP seeds based on content of the distinct pseudonymous token as an initialization vector.

8. The method of claim 6, further comprising: 
detaching, by at least one of the one or more computing devices, the encrypted one or more PRP seeds; 
and decrypting, by at least one of the one or more computing devices, the encrypted one or more PRP seeds using the third algorithm and the encryption key.

9. The method in claim 8, further comprising: 
decrypting, by at least one of the one or more computing devices, the one or more PRP seeds based on content of the distinct pseudonymous token as an initialization vector.

10. The method of claim 6, further comprising: 
decrypting, by at least one of the one or more computing devices, the respective pseudonymous token using a decryption first algorithm and the encryption key after detaching the respective PRP seed from the distinct pseudonymous token.

11. The method of claim 1, wherein the second algorithm is different from the first algorithm.

12. A system for searching polymorphically encrypted data, comprising: one or more processors; and one or more memories operatively coupled to at least one of the one or more processors and having instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 











store one or more pseudonymous tokens in a data store, the one or more pseudonymous tokens being generated by encrypting a ciphertext using a first algorithm and an encryption key, the first algorithm comprising a polymorphic algorithm configured to generate a distinct pseudonymous token for each application of the polymorphic algorithm and the same encryption key to the same ciphertext; 
and identify data in the data store that corresponds to the ciphertext by querying the data store using a search token generated by encrypting the ciphertext using a second algorithm and the encryption key, the search token being distinct from the one or more pseudonymous tokens.

13. The system of claim 12, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
apply one or more first transformations to one or more columns containing the one or more pseudonymous tokens to generate one or more transformed columns;
apply one or more second transformations to the search token to generate a transformed search token; 
and identify one or more rows corresponding to the ciphertext based at least in part on the one or more transformed columns and the transformed search token.

14. The system of 13, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
compare each transformed column value in the one or more transformed columns to the transformed search token using a matching function to identify one or more matching transformed column values; 
and identify one or more rows containing the one or more matching transformed column values as corresponding to the ciphertext.

15. The system of claim 12, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
modify the distinct pseudonymous token of the plurality of pseudonymous tokens by adding a respective one of one or more pseudo random permutation (PRP) seeds in the distinct pseudonymous token.

16. The system of claim 15, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
encrypt the respective one of the one or more PRP seeds using a different third algorithm and the encryption key, wherein the adding the respective one of the one or more PRP seeds includes adding the respective PRP seed either before or after the distinct pseudonymous token.

17. The system of claim 16, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
encrypt the one or more PRP seeds based on using the content of the distinct pseudonymous token as an initialization vector when encrypting one or more PRP seeds.

18. The system of claim 16, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
detach the encrypted one or more PRP seeds; 
and decrypt the encrypted one or more PRP seeds using the third algorithm and the encryption key.

19. The system of claim 18, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
decrypt the one or more PRP seeds based on using the content of the distinct pseudonymous token as an initialization vector when decrypting one or more PRP seeds.

20. At least one non-transitory computer-readable medium storing computer-readable instructions that, when executed by one or more computing devices, cause at least one of the one or more computing devices to: 











store one or more pseudonymous tokens in a data store, the one or more pseudonymous tokens being generated by encrypting a ciphertext using a first algorithm and an encryption key, the first algorithm comprising a polymorphic algorithm configured to generate a distinct pseudonymous token for each application of the polymorphic algorithm and the same encryption key to the same ciphertext; 
and identify data in the data store that corresponds to the ciphertext by querying the data store using a search token generated by encrypting the ciphertext using a second algorithm and the encryption key, the search token being distinct from the one or more pseudonymous tokens.

US patent 10,958,415
1. A method executed by one or more computing devices for searching polymorphically encrypted data, the method comprising: 
generating, by at least one of the one or more computing devices, one or more pseudonymous tokens by encrypting a ciphertext using a first algorithm and an encryption key, the first algorithm comprising a polymorphic algorithm configured to generate a distinct pseudonymous token for each application of the polymorphic algorithm to the same ciphertext with the same encryption key; 

storing, by at least one of the one or more computing devices, the one or more pseudonymous tokens in a data store; 










and identifying, by at least one of the one or more computing devices, data in the data store that corresponds to the ciphertext by querying the data store using a search token generated by encrypting the ciphertext using a second algorithm and the encryption key, the search token being distinct from the one or more pseudonymous tokens.

2. The method of claim 1, wherein identifying data in the data store that corresponds to the ciphertext by querying the data store using the search token generated by encrypting the ciphertext using the second algorithm and the encryption key comprises: 
applying one or more first transformations to one or more columns containing the one or more pseudonymous tokens to generate one or more transformed columns; 
applying one or more second transformations to the search token to generate a transformed search token; and identifying one or more rows corresponding to the ciphertext based at least in part on the one or more transformed columns and the transformed search token.

3. The method of claim 2, wherein the identifying of the one or more rows corresponding to the ciphertext based at least in part on the one or more transformed columns and the transformed search token comprises: 
comparing each transformed column value in the one or more transformed columns to the transformed search token using a matching function to identify one or more matching transformed column values; 
and identifying one or more rows containing the one or more matching transformed column values as corresponding to the ciphertext.

4. The method of claim 1, further comprising: 
displaying, by at least one of the one or more computing devices, a first result if the search token is matched with the one or more pseudonymous tokens of a plurality of pseudonymous tokens, the first result including a list of at least one pseudonymous tokens;
 and displaying, by at least one of the one or more computing devices, a different second result if the search token does not match with the one or more pseudonymous tokens of the plurality of pseudonymous tokens.
5. The method of claim 1, further comprising: 
modifying, by at least one of the one or more computing devices, the distinct pseudonymous token of the plurality of pseudonymous tokens by adding a respective one of one or more pseudo random permutation (PRP) seeds in the distinct pseudonymous token.

6. The method of claim 5, further comprising: 
encrypting, by at least one of the one or more computing devices, the respective one of the one or more PRP seeds using a different third algorithm and the encryption key, wherein the adding the respective one of the one or more PRP seeds includes adding the respective PRP seed either before or after the distinct pseudonymous token.

7. The method in claim 6, further comprising: 
encrypting, by at least one of the one or more computing devices, the one or more PRP seeds based on content of the distinct pseudonymous token as an initialization vector.

8. The method of claim 6, further comprising: 
detaching, by at least one of the one or more computing devices, the encrypted one or more PRP seeds; 
and decrypting, by at least one of the one or more computing devices, the encrypted one or more PRP seeds using the third algorithm and the encryption key.

9. The method in claim 8, further comprising: 
decrypting, by at least one of the one or more computing devices, the one or more PRP seeds based on content of the distinct pseudonymous token as an initialization vector.

10. The method of claim 6, further comprising: 
decrypting, by at least one of the one or more computing devices, the respective pseudonymous token using a decryption first algorithm and the encryption key after detaching the respective PRP seed from the distinct pseudonymous token.


11. The method of claim 1, wherein the second algorithm is different from the first algorithm.

12. A system for searching polymorphically encrypted data, comprising: one or more processors; and one or more memories operatively coupled to at least one of the one or more processors and having instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
generate one or more pseudonymous tokens by encrypting a ciphertext using a first algorithm and an encryption key, the first algorithm comprising a polymorphic algorithm configured to generate a distinct pseudonymous token for each application of the polymorphic algorithm to the same ciphertext with the same encryption key; 

store the one or more pseudonymous tokens in a data store; 

and identify data in the data store that corresponds to the ciphertext by querying the data store using a search token generated by encrypting the ciphertext using a second algorithm and the encryption key, the search token being distinct from the one or more pseudonymous tokens.










13. The system of claim 12, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: apply one or more first transformations to one or more columns containing the one or more pseudonymous tokens to generate one or more transformed columns; 
apply one or more second transformations to the search token to generate a transformed search token; and identify one or more rows corresponding to the ciphertext based at least in part on the one or more transformed columns and the transformed search token.

14. The system of 13, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
compare each transformed column value in the one or more transformed columns to the transformed search token using a matching function to identify one or more matching transformed column values; 
and identify one or more rows containing the one or more matching transformed column values as corresponding to the ciphertext.

15. The system of claim 12, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: modify the distinct pseudonymous token of the plurality of pseudonymous tokens by adding a respective one of one or more pseudo random permutation (PRP) seeds in the distinct pseudonymous token.

16. The system of claim 15, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: 
encrypt the respective one of the one or more PRP seeds using a different third algorithm and the encryption key, wherein the adding the respective one of the one or more PRP seeds includes adding the respective PRP seed either before or after the distinct pseudonymous token.


17. The system of claim 16, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: encrypt the one or more PRP seeds based on using the content of the distinct pseudonymous token as an initialization vector when encrypting one or more PRP seeds.

18. The system of claim 16, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: detach the encrypted one or more PRP seeds; 
and decrypt the encrypted one or more PRP seeds using the third algorithm and the encryption key.

19. The system of claim 18, wherein at least one of the one or more memories has further instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to: decrypt the one or more PRP seeds based on using the content of the distinct pseudonymous token as an initialization vector when decrypting one or more PRP seeds.

20. At least one non-transitory computer-readable medium storing computer-readable instructions that, when executed by one or more computing devices, cause at least one of the one or more computing devices to: 
generate one or more pseudonymous tokens by encrypting a ciphertext using a first algorithm and an encryption key, the first algorithm comprising a polymorphic algorithm configured to generate a distinct pseudonymous token for each application of the polymorphic algorithm to the same ciphertext with the same encryption key; 

store the one or more pseudonymous tokens in a data store; 









and identify data in the data store that corresponds to the ciphertext by querying the data store using a search token generated by encrypting the ciphertext using a second algorithm and the encryption key, the search token being distinct from the one or more pseudonymous tokens.



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW B SMITHERS whose telephone number is (571)272-3876. The examiner can normally be reached 8:00-4:00 (Teleworking).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MATTHEW SMITHERS/
Primary Examiner
Art Unit 2437