DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
2. This is in response to the amendments filed on 7/19/2022. Claims 1, 8, and 15 have been amended by way of Examiner’s Amendment are currently pending and have been considered below. Claims 22-24 have been cancelled.

Examiner’s Amendment
3. An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in via electronic correspondence on 07/19/2022 in response to an interview conducted with Andrew Lee on 07/19/2022.

Please amend only claims 1, 8, and 15 as follows:
1.	(Currently Amended)  A method comprising:
receiving, by each server in a plurality of servers executing a secure multi-party computation (MPC) protocol, shares of a plurality of inputs to the MPC protocol from a plurality of clients, wherein the plurality of servers are distinct from the plurality of clients, wherein each input in the plurality of inputs is private to each client in the plurality of clients, and wherein each share is generated from its corresponding input using a threshold secret sharing scheme;
verifying, by said each server, whether the shares of the plurality of inputs are valid or invalid, wherein a share is invalid if the share does not conform to rules of the threshold secret sharing scheme;
for each invalid share, determining, by said each server, whether a client that submitted the invalid share is a corrupted client, which means that the client purposefully submitted the invalid share to the plurality of servers, or a server that holds the invalid share is a corrupted server, which means that the server received a valid and changed the valid share into the invalid share;
upon determining that the client that submitted the invalid share is a corrupted client, ignoring, by said each server, the input of the client during a computation phase of the MPC protocol; and
upon determining that the server that holds the invalid share is a corrupted server, preventing, by said each server, the server that holds the invalid share from participating in the computation phase.
8.	(Currently Amended)  A non-transitory computer readable storage medium having stored thereon program code executable by each server in a plurality of servers executing a secure multi-party computation (MPC) protocol, the program code causing said each server to execute a method comprising:
receiving shares of a plurality of inputs to the MPC protocol from a plurality of clients, wherein the plurality of servers are distinct from the plurality of clients, wherein each input in the plurality of inputs is private to each client in the plurality of clients, and wherein each share is generated from its corresponding input using a threshold secret sharing scheme;
verifying whether the shares of the plurality of inputs are valid or invalid, wherein a share is invalid if the share does not conform to rules of the threshold secret sharing scheme;
for each invalid share, determining whether a client that submitted the invalid share is a corrupted client, which means that the client purposefully submitted the invalid share to the plurality of servers, or a server that holds the invalid share is a corrupted server, which means that the server received a valid and changed the valid share into the invalid share;
upon determining that the client that submitted the invalid share is a corrupted client, ignoring the input of the client during a computation phase of the MPC protocol; and
upon determining that the server that holds the invalid share is a corrupted server, preventing the server that holds the invalid share from participating in the computation phase.
15.	(Currently Amended)  A server among a plurality of servers executing a secure multi-party computation (MPC) protocol, the server comprising:
a processor; and
a non-transitory computer readable medium having stored thereon program code that, when executed, causes the processor to:
	receive shares of a plurality of inputs to the MPC protocol from a plurality of clients, wherein the plurality of servers are distinct from the plurality of clients, wherein each input in the plurality of inputs is private to each client in the plurality of clients, and wherein each share is generated from its corresponding input using a threshold secret sharing scheme;
	verify whether the shares of the plurality of inputs are valid or invalid, wherein a share is invalid if the share does not conform to rules of the threshold secret sharing scheme;
	for each invalid share, determine whether a client that submitted the invalid share is a corrupted client, which means that the client purposefully submitted the invalid share to the plurality of servers, or a server that holds the invalid share is a corrupted server, which means that the server received a valid and changed the valid share into the invalid share;
	upon determining that the client that submitted the invalid share is a corrupted client, ignore the input of the client during a computation phase of the MPC protocol; and
	upon determining that the server that holds the invalid share is a corrupted server, prevent the server that holds the invalid share from participating in the computation phase.
22-24.	(Canceled)


Allowable Subject Matter
4.    Claims 1 -21 are allowed as amended.

Examiner Reason for Allowance
5.    The following is an examiner’s statement of reasons for allowance: The Examiner finds novel the feature whereby for each invalid share, determining, by said each server, whether a client that submitted the invalid share is a corrupted client, which means that the client purposefully submitted the invalid share to the plurality of servers, or a server that holds the invalid share is a corrupted server, which means that the server received a valid share from the client and changed the valid share into the invalid share.  The closest prior art being "El Delfrawy1" (US 9614676 B1), "El Delfrawy2" (US 9536114 B1), “Joy” (US 20170353855 A1), “Ranellucci” (US 20200153640 A1), and newly cited “Cammarota” (US 20200320206 A1). El Delfrawy1 discloses a system for implementing proactive secret sharing. The system uses a Secret-Share protocol to distribute, by a computing device, a block of secret data comprising shares of secret data among a set of computing devices, wherein each computing device in the set of computing devices holds an initial share of secret data.  El Delfrawy2 discloses a system for secure mobile proactive multi-party computation. The system securely evaluates a circuit in the presence of an adversary. The circuit receives secret inputs comprising secret values from a set of servers. Shares of random values for the random and input gates are generated. For each input gate, a sharing of a random value associated with the input gate is opened toward a server P.sub.i. A sum of the server P.sub.i's secret values and the random value is broadcast to the set of servers. Joy discloses a privacy-preserving stream analytics (personal data collection method, apparatus, and/or system) from an electronic (e.g., mobile) device providing communications, such as to a network (e.g., Internet). Data queries from a data analyst are received but not directly answered with a truthful query response. Truthful responses are privatized and anonymized based on a randomized response mechanism which releases privatized data and not the original answer. Ranellucci discloses a method for signing a message, comprising performing a first Multi-Party Computation (MPC) process by multiple parties to compute a pseudorandom function, an input of the first MPC process comprises shares of a private signing key, each share is held by each party, the message is an input value to the pseudorandom function. Newly cited Cammarota discloses a system allowing a user to update a policy enforced by a program over time based on decisions made by the program according to the policy.

6. What is missing from the prior art of record is a computer-readable storage media, a method, and a system for determining, by said each server, whether a client that submitted the invalid share is a corrupted client, which means that the client purposefully submitted the invalid share to the plurality of servers, or a server that holds the invalid share is a corrupted server, which means that the server received a valid share from the client and changed the valid share into the invalid share. 

Thus the prior art does not teach or suggest, either individually or in combination, the subject matter as claimed in claims 1, 8, and 15. Therefore claims 1, 8, and 15 are deemed allowable over the prior art of record. The corresponding depending claims that further limit claims 1, 8, and 15 also contain allowable subject matter by virtue of their dependency.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM B. JONES whose telephone number is (571) 272-9637.  The examiner can normally be reached on Mon - Fri., 5:30 a.m. to 2:00 p.m.  If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-272-3900.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
 /WILLIAM B JONES/Examiner, Art Unit 2491
07/21/2022

/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491