DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendments
	This office action responds to the amendments filed on May 13, 2022 for application 16/775,114.  Claims 1-2 and 26-29 were amended, and claims 1-6, 20, and 26-29 remain open for examination.
Response to Arguments
	The Examiner has fully considered the Applicant’s arguments filed on May 13, 2022, and the Examiner responds as provided below.
	Regarding the Applicant’s response at pages 17 and 18 of the Remarks that concerns the objection to the drawings, the amendments to the drawings and specification cure the deficiencies and the corresponding objections are withdrawn.
	Regarding the Applicant’s response at pages 19 and 20 and of the Remarks that concerns the § 103 rejection of claim 1, the Applicant’s arguments in conjunction with the claim amendments are persuasive, and consequently the Examiner conducted a new prior art search. The Applicant’s arguments are now moot with respect to claim 1 because the arguments do not apply to one of the references currently used in the rejection of claim 1 as detailed below.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The following conventions apply to the mapping of the prior art to the claims:
Italicized text – claim language.
Parenthetical plain text – Examiner’s citation and explanation.
Quotation marks – language quoted from a prior art reference.
Underlining – language quoted from a claim.
Brackets – material altered from either a prior art reference or a claim, which includes the Examiner’s explanation that relates a claim limitation to the quoted material of a reference.
Braces – a limitation previously addressed in the primary reference analysis, but presented to provide context to a further limitation addressed in a secondary reference analysis.
Numbered footnote – a first phrase to be moved upwards to the primary reference analysis.
Lettered footnote – a second phrase to be moved after the movement of the first phrase from which it was lifted, or more succinctly, move numbered material first, lettered material last.
A.	Claims 1-6, 20, and 26-29 are rejected under 35 U.S.C. 103 as being unpatentable over Dodis et al., Fuzzy Extractors (see attached NPL document) in view of Herder et al. (US 2017/0141920, “Herder”).  (Cho et al. (US 10,826,686, “Cho”) is also made of record as patent literature that is closely related to Dodis.)
Regarding Claim 1
Dodis discloses
A method for generating a secure biometric code (p. 2, “It extracts a uniformly random string R from its input w in a noise-tolerant way: if the input changes to some w' but remains close, the string R can be reproduced exactly. To help in the reproduction of R, a fuzzy extractor, when used for the first time, outputs a helper string P that can safely be made public without decreasing the security of R,” noting “secure biometric code” is recited only in the preamble and not afforded patentable weight as the preamble merely amounts to stating a purpose for the method that is fully claimed, see MPEP § 2111.02(II) – Preamble Statements Reciting Purpose or Intended Use), comprising: 
1 …; 
acquiring a public code that is based on the biometric data of the user (p. “It extracts a uniformly random string R from its input w in a noise-tolerant way: if the input changes to some w' but remains close, the string R can be reproduced exactly. To help in the reproduction of R, a fuzzy extractor, when used for the first time, outputs a helper string P [acting as a public code] that can safely be made public without decreasing the security of R.”  see also Cho Figs. 3 & 4, Col. 7:60-8:36, “At the initial registration phase, Alice (element 300) can use a fingerprint scanner provided by Bob (element 302) to obtain and send biometric template m along with a secret information sk (element 304) to Bob (element 302).  Then, Bob (element 302) simply runs Lock(sk, m) (element 306) to obtain public helper string vault [as the public code] (element 308),” i.e., the “helper string vault” is based upon “fingerprint” as the “secret” and comprises the public code), 
wherein the public code does not include any of the biometric data (Dodis Fig. 1 (b), p. 2, “To help in the reproduction of R, a fuzzy extractor, when used for the first time, outputs a helper string P [as the public code that does not include any of the biometric data represented as “w”] that can safely be made public without decreasing the security of R;” see also Cho Col. 8:8-36, “Note that given vault and h (element 310), no information about Alice's (element 300) secret information sk or her biometric data (element 304) is revealed  to the adversarial third party even if it completely breaks in the Bob's (element 302) server to obtain vault (element 308).”) and 
wherein the user cannot be identified from the public code (Dodis Fig. 1 (b), p. 2, “To help in the reproduction of R, a fuzzy extractor, when used for the first time, outputs a helper string P [as the public code] that can safely be made public without decreasing the security of R,” i.e., P is used to help recreate R, which is a uniformly random string, and P is “safely [] made public” because it doesn’t possess any information directly related to the fingerprint/biometric or the user; see also Cho Col. 8:8-36, “Note that given vault and h (element 310), no information about Alice's (element 300) secret information sk or her biometric data (element 304) is revealed to the adversarial third party even if it completely breaks in the Bob's (element 302) server to obtain vault (element 308).”); 
generating a stable code from the at least one first sample of biometric data according to the public code (Fig. 1 (b), p.2 “It extracts a uniformly random string R [as code] from its input w in a noise-tolerant way: if the input changes to some w' but remains close, the string R can be reproduced exactly [and is thus stable code that doesn’t vary with noise].”); and 
generating a first repeatable code from the stable code (p.15, “Assume we are given two hash functions H1, H2 : {0, 1}∗ → {0, 1}l (the pair can be simulated given a single random oracle by prepending a bit to the input). Construction 7 ([5]). • Gen(w): Let s = SS(w). Output P = (s, H1(w, s)) and R = H2(w, s);” p. 2 “It allows precise reconstruction of a noisy input, as follows: on input w, a procedure outputs a sketch s. Then, given s and a value w' close to w, it is possible to recover w.;” and p. 4, “Let M be a metric space with distance function dis. Informally, a secure sketch enables recovery of a string w ∈ M from any ‘close’ string w 0 ∈ M without leaking too much information about w,” and “The sketching procedure SS on input w ∈ M returns a string s ∈ {0, 1},” i.e., one way to create the stable code as “R” is to hash (s, w), where (s,w) in essence represents stable code before being hashed via the hashing function H2, to create a final version of “R” as stable code, where this version of “R” created via hashing is a first repeatable code, noting it is repeatable because it can be recreated given the subsequent input of w’), 
wherein the first repeatable code is suitable for bitwise comparison (p. 15, “Assume we are given two hash functions H1, H2 : {0, 1}∗ → {0, 1}l,” i.e., the definition of H2 involving the set of 0 and 1 indicates the first repeatable code is suitable for bitwise comparison) generated from at least one second sample of the biometric data of the user according to the public code of the user (pp 2, “It allows precise reconstruction of a noisy input, as follows: on input w, a procedure outputs a sketch s. Then, given s and a value w' [as at least one second sample of the biometric data of the user] close to w, it is possible to recover w;” and p. 4, Fig. 1 (b), i.e., with w’ and P as the second sample and the public code, respectively, R is “Rep” or reproduced, which can be the hash version to implement bitwise comparison).
Dodis doesn’t disclose
1 receiving at least one first sample of biometric data of a user;
Herder, however, discloses
1 receiving at least one first sample of biometric data of a user; (¶ [0095], “In a fifth process 55, the computing facility calculates a biometric public key based on the secret number and the confident subset [as one first sample] of biometric values;” and ¶ [0091], “The next step is selecting the confident subset in process 53, the confident subset [as one first sample] being a reliable discriminant of the identity of the subject based on the biometric [or the biometric data as sampled in either Dodis or Herder],” i.e., Dodis discloses at least “w” as biometric data, and Herder discloses a “confident subset” that recognizes one first sample may be different than the biometric data collected as a whole),
	Regarding the combination of Dodis and Herder, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the biometric system of Dodis to have included the confident-subset feature of Herder. One of ordinary skill in the art would have been motivated to incorporate the confident-subset feature of Herder because Herder teaches that the use of a confident subset “may be created using the portions of the biometric data that are most repeatable between measurements and best distinguishes between different individuals,” thereby “provid[ing] a dramatically better basis for authentication.”  See Herder ¶ [0010]. 
Regarding Claim 2
Dodis in view of Herder (“Dodis-Herder”) discloses the method of claim 1, and Herder further discloses
wherein the public code (¶¶ [0091], [0095]) comprises a validity mask for the biometric data of the user (¶ [0051], “A ‘confident subset’ of biometric data is a collection of biometric values, selected according to their respective confidence values, that [are valid[] and] is (a) large enough to uniquely identify an individual within a given universe of identifiable individuals, and (b) small enough to be repeatably obtainable across measurements of the corresponding biometric under different conditions,” i.e., a validity mask by only retaining the statistically valid values).
Regarding the combination of Dodis and Herder, that rationale to combine is the same as provided for claim 1 due to the overlapping subject matter of claims 1 and 2.  
Regarding Claim 3
Dodis-Herder discloses the method of claim 2, and Herder further discloses 
wherein the validity mask (¶ [0051]) identifies portions of the biometric data of the user that are suitable (¶¶ [0084]-[0085], “In a third process 53, the confidence values are used to select a confident subset of biometric values that are stable [and thus valid] between characterizations. The confident subset should be a reliable discriminant of the identity of the subject based on the biometric, and may be done, for example, by selecting a subset of the extracted biometric values whose corresponding confidence values are above a certain threshold. This process 53 therefore selects biometric values that are less likely to be noisy, and more likely to be stable. Thus, although each individual iris capture may have significant variation, each will very likely contain a subset of pixels that are reliable, and can be used in subsequent processing”) for bitwise comparison as valid bits (¶¶ [0084]-[0085], “The processes 52 and 53 optionally may be repeated during enrollment until the confident subset of such pixels stabilizes. While any number of bits may be used as a confident subset, in one embodiment the number of [valid] bits in the confident subset is limited to fewer than 540 bits.”).
Regarding the combination of Dodis and Herder, that rationale to combine is the same as provided for claim 1 due to the overlapping subject matter of claims 1 and 2.
Regarding Claim 4
Dodis-Herder discloses the method of claim 3, and Herder further discloses 
wherein the portions of the biometric data of the user that are identified as valid bits (¶¶ [0084]-[0085]) are based on the portions consistently resulting in a single binary value (¶ [0084], “In a third process 53, the confidence values are used to select a confident subset of biometric values that are stable between characterizations,” i.e., “stable … characterizations” are ones in which a portion[] consistently result[s] in a bit value of a 0 or 1 as a single binary value). 
Regarding the combination of Dodis and Herder, that rationale to combine is the same as provided for claim 1 due to the overlapping subject matter of claims 1 and 4. 
Regarding Claim 5
Dodis-Herder discloses the method of claim 4, and Herder further discloses 
wherein a degree of consistency required to identify a portion of the biometric data as a valid bit of the valid bits is based on an acceptable false acceptance rate (¶ [0085], “Processes 52 and 53 together produce a confident subset of the raw biological values that can be used to reliably discriminate between individuals. Ideally, the confident subset permits identification of individuals with an extremely low [or acceptable] false acceptance rate (where a subject is authenticated as an individual that they are not),” and “In particular, whether or not certain processes are performed or what threshold or parameters are used depends on the false accept rate and false reject rate, and these rates are varied because they depend on the application. It should also be understood that these processes may also be performed during the authentication method described below in connection with FIG. 6.”).  
Regarding the combination of Dodis and Herder, that rationale to combine is the same as provided for claim 1 due to the overlapping subject matter of claims 1 and 5.
Regarding Claim 6
Dodis-Herder discloses the method of claim 4, and Herder further discloses
wherein a degree of consistency required to identify a portion of the biometric data as a valid bit of the valid bits is based on an acceptable false rejection rate (¶ [0085], “Processes 52 and 53 together produce a confident subset of the raw biological values that can be used to reliably discriminate between individuals. Ideally, the confident subset permits identification of individuals … and with a relatively low [or acceptable] false rejection rate (where a subject is not authenticated as an individual that they are).,” and “In particular, whether or not certain processes are performed or what threshold or parameters are used depends on the false accept rate and false reject rate, and these rates are varied because they depend on the application. It should also be understood that these processes may also be performed during the authentication method described below in connection with FIG. 6.”).
Regarding the combination of Dodis and Herder, that rationale to combine is the same as provided for claim 1 due to the overlapping subject matter of claims 1 and 6.
Regarding Claim 20
Dodis-Herder discloses the method of claim 1, and Herder further discloses 
wherein the biometric data of the user comprises fingerprint data, iris data, or facial data (¶ [0058], “To facilitate the authentication process, the subject 11 is presented to a transducer 12, which obtains a biometric. The transducer 12 may be, for example, an iris scanner or a fingerprint reader. The transducer 12 converts raw biometric data, such as an image, into a digital electronic signal that characterizes the biometric of the subject.”).
Regarding the combination of Dodis and Herder, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the biometric system of Dodis to have included the specific biometric features of Herder. One of ordinary skill in the art would have been motivated to incorporate the specific biometric features of Herder because Dodis teaches the collection of biometrics, see Dodis p. 2, and the specific collection of iris and fingerprint data are well-known biometric features to one skilled in the art. 
Regarding Claim 26
Dodis-Herder discloses the method of claim 1, and Dodis further discloses 
further comprising: 
1 …;
a … the first repeatable code… (pp. 2, 4,and 15)
2 ….
b …unencrypted public code… (p. 2, Fig. 1 (b))
Herder further discloses
1 receiving a request to revoke the { a first repeatable code} (¶ [0138], “One downside that is often cited for biometrics is that if an individual's iris scan or fingerprint is compromised, it can't be ‘reset’ like a password can be reset. But with the processes described herein, multiple keys can be derived from the same biometric, so if F(S) [i.e., a hash value as a repeatable code, see ¶ [0104], which corresponds to the final hashed version of R as disclosed by Dodis p. 15]  is compromised, one can compute a new F′(S) [or final hashed version of R, and consequently a new P as an unencrypted public code] for the same person's biometric,” i.e., if a credential is compromised, it would be obvious to request to revoke the credentials (e.g., first repeatable code) and receive another credential so that one can be authenticated again in the future, see See MPEP § 2141(III), stating “Prior art is not limited just to the references being applied, but includes the understanding of one of ordinary skill in the art. The prior art reference (or references when combined) need not teach or suggest all the claim limitations, however, Office personnel must explain why the difference(s) between the prior art and the claimed invention would have been obvious to one of ordinary skill in the art.”); 
modifying, in response to the request, the { b unencrypted public code} that is associated with the user (¶ [0138], “But with the processes described herein, multiple keys can be derived from the same biometric, so if F(S) is compromised, one can compute a new F′(S) [or final hashed version of R, and consequently a new P as an unencrypted public code] for the same person's biometric.”), 
wherein the modification of the unencrypted public code causes a third repeatable code to be generated from any sample of the biometric data of the user and the modified public code (¶¶ [0094]-[0095], [0138], i.e., with the new secret S that is created in response to the request, a new hash F(S) as a final version of R as disclosed by Dodis is created as the third repeatable code, where any new version of R is created by way of w as disclosed by Dodis p. 2), and 
wherein the third repeatable code is not a bitwise match with the first repeatable code or the second repeatable code (if the secret S, and thus R as disclosed by Dodis, is changed after the request to address the compromised credential, then the hash version of the old R as the first repeatable code will not [be] a bitwise match to the third repeatable code created from the hash of the new R in response to the request, with same applying to the second repeatable code since the first and second repeatable codes are bitwise matches).
Regarding the combination of Dodis and Herder, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the biometric system of Dodis to have included the recovery feature of Herder. One of ordinary skill in the art would have been motivated to incorporate the recovery feature of Herder because Herder teaches “One downside that is often cited for biometrics is that if an individual's iris scan or fingerprint is compromised, it can't be “reset” like a password can be reset. But with the processes described herein, multiple keys can be derived from the same biometric, so if F(S) is compromised, one can compute a new F′(S) for the same person's biometric. Embodiments of the invention are unique in being able to overcome this downside.”  See Herder ¶ [0138].    
Regarding Claim 27
Dodis-Herder discloses the method of claim 26, and Dodis further discloses 
further comprising generating a modified first repeatable code of the user based on the modified public code (p. 15, i.e., a new hash is created based upon a new hash (w, s) being created as disclosed by Herder ¶ [0138], which leads to a new final version of R that incorporates a hash that represents modified first repeatable code and is based on the modified public code, i.e., when R is modified, P is modified to recreate R for authentication purposes), 
wherein the modified first repeatable code comprises a bitwise match with the third repeatable code (p. 15, Fig. 1 (b), i.e., when a new R, which is based upon a hash, is created after the request, it will match “bit for bit” the third repeatable code, which is also based upon a hash, during an authentication process).
Regarding the (implicit) combination of Dodis and Herder, the rationale to combine is the same as provided for claim 26 due to the overlapping subject matter between claims 26 and 27. 
Regarding Independent Claims 28 and 29
With respect to independent claims 28 and 29, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claims 28 and 29. Therefore, claims 28 and 29 are rejected, for similar reasons, under the grounds set forth for claim 1. 

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/D'Arcy Winston Straub/Examiner, Art Unit 2491                                                                                                                                                                                                        



/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491