DETAILED ACTION
Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Response to Amendment
The amendment filed 2022-06-28 has been entered and fully considered.

In light of applicant’s amendment, filed 2022-06-28, the claim objections have been withdrawn.

In light of applicant’s Terminal Disclaimer, filed 2022-07-05, the nonstatutory obviousness-type double patenting rejection has been withdrawn.

In light of applicant’s amendment, filed 2022-06-28, the 35 U.S.C. § 112(a) rejection at ¶8 has been withdrawn.

In light of applicant’s amendment, filed 2022-06-28, the 35 U.S.C. § 112(b) rejection has been withdrawn.

Applicant’s arguments, see pp. 10-12, filed 2022-06-28, with respect to the claim amendments overcoming the prior art of the rejection of claims 21-40 under 35 U.S.C. § 102(a)(2) have been fully considered and are persuasive. 


Terminal Disclaimer
The terminal disclaimer filed on 2022-07-05 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of Patent Number 10699030 has been reviewed and is accepted.  The terminal disclaimer has been recorded.


Examiner’s Amendment
An examiner’s amendment to the record appears below.  Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312.  To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Dmitry Andreev (Reg. 57428) on 2022-07-05.

Please replace the Claims as follows:

1-20.	(Canceled) 
21.	(Currently amended) A method, comprising:
receiving, by a computing device, an input value;
selecting an input mask and an output mask;
generating a plurality of intermediate masks intermediate masks 
computing a transformation output mask by concatenating the plurality of intermediate masks 
computing an output value of a cryptographic operation round by applying a non-linear transformation to the input value; and
protecting a cryptographic operation from an external monitoring attack by masking the output value with the transformation output mask.
22.	(Previously presented) The method of claim 21, wherein selecting the input mask and the output mask comprises randomly generating at least one of: the input mask or the output mask.
23.	(Currently amended) The method of claim 21, wherein generating the plurality of intermediate masks 
randomly generating a subset of the plurality of intermediate masks 
computing a first portion of the plurality of intermediate masks intermediate masks 
24.	(Currently amended) The method of claim 21, wherein computing the transformation output mask comprises concatenating the plurality of intermediate masks 
25.	(Previously presented) The method of claim 21, wherein the non-linear transformation is implemented by a substitution table.
26.	(Previously presented) The method of claim 21, further comprising:
generating a masked substitution table by computing, for a plurality of input values, corresponding output values of the cryptographic operation and masking the computed output values with the transformation output mask.
27.	(Previously presented) The method of claim 26, further comprising:
utilizing the masked substitution table for performing a plurality of rounds of a cryptographic operation.
28.	(Previously presented) The method of claim 27, wherein the cryptographic operation is one of: Advanced Encryption Standard (AES), Data Encryption Standard (DES), Blowfish, or Twofish.
29.	(Currently amended) A system, comprising:
a memory; and
a processing device coupled to the memory, the processing device to:
receive an input value;
select an input mask and an output mask;
generate a plurality of intermediate masks intermediate masks 
compute a transformation output mask by concatenating the plurality of intermediate masks 
compute an output value of a cryptographic operation round by applying a non-linear transformation to the input value; and
protect a cryptographic operation from an external monitoring attack by masking the output value with the transformation output mask.
30.	(Previously presented) The system of claim 29, wherein selecting the input mask and the output mask comprises randomly generating at least one of: the input mask or the output mask.
31.	(Currently amended) The system of claim 29, wherein generating the plurality of intermediate masks 
randomly generating a subset of the plurality of intermediate masks 
computing a first portion of the plurality of intermediate masks intermediate masks 
32.	(Currently amended) The system of claim 29, wherein computing the transformation output mask comprises concatenating the plurality of intermediate masks 
33.	(Previously presented) The system of claim 29, wherein the non-linear transformation is implemented by a substitution table.
34.	(Previously presented) The system of claim 29, wherein the processing device is further to:
generate a masked substitution table by computing, for a plurality of input values, corresponding output values of the cryptographic operation and masking the computed output values with the transformation output mask.
35.	(Currently amended) A computer-readable non-transitory storage medium comprising executable instructions that, when executed by a computing device, cause the computing device to:
receive an input value;
select an input mask and an output mask;
generate a plurality of intermediate masks intermediate masks 
compute a transformation output mask by concatenating the plurality of intermediate masks 
compute an output value of a cryptographic operation round by applying a non-linear transformation to the input value; and
protect a cryptographic operation from an external monitoring attack by masking the output value with the transformation output mask.
36.	(Previously presented) The computer-readable non-transitory storage medium of claim 35, wherein selecting the input mask and the output mask comprises randomly generating at least one of: the input mask or the output mask.
37.	(Currently amended) The computer-readable non-transitory storage medium of claim 35, wherein generating the plurality of intermediate masks 
randomly generating a subset of the plurality of intermediate masks 
computing a first portion of the plurality of intermediate masks intermediate masks 
38.	(Currently amended) The computer-readable non-transitory storage medium of claim 35, wherein computing the transformation output mask comprises concatenating the plurality of intermediate masks 
39.	(Previously presented) The computer-readable non-transitory storage medium of claim 35, wherein the non-linear transformation is implemented by a substitution table.
40.	(Previously presented) The computer-readable non-transitory storage medium of claim 35, further comprising executable instructions that, when executed by the computing device, cause the computing device to:
generate a masked substitution table by computing, for a plurality of input values, corresponding output values of the cryptographic operation and masking the computed output values with the transformation output mask.



Allowable Subject Matter
Claims 21-40 are allowed.

The following is a statement of reasons for the indication of allowable subject matter:
In interpreting the currently amended claims, in light of the specification as well arguments presented in the response to the Office action, the Examiner finds the claimed invention to be patentably distinct from the prior art of record.  First, Applicant’s arguments with respect to the claim amendments traversing the prior art of record are persuasive.  In addition, based on an updated search and further consideration, the Examiner has been unable to locate prior art that would anticipate or render obvious the claimed invention as a whole.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”


Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kevin Bechtel whose telephone number is (571)270-5436.  The examiner can normally be reached on Monday - Friday, 09:00 - 17:00 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Kevin Bechtel/
Primary Examiner, Art Unit 2491