DETAILED ACTION
1.	Applicant's amendment filed on March 28, 2022 has been entered.  Claims 1-30 are pending.  
Notice of Pre-AIA or AIA Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Argument
3.	Applicant’s arguments filed March 28, 2022 have been fully considered and are persuasive.
Allowable Subject Matter
4.	Claims 1-30 are allowed for the reasons argued by Applicants on pages 10-16 of Remarks, filed March 28, 2022.  None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the claimed invention of the present application at or before the date it was effectively filed.
	The prior art of record Moret; Eric et al. (US 8429403 B2) discloses a method performed by a network device that may include generating and storing a first public key and a first private key in a first device, transmitting a serial number and the first public key from the first device to a second device, generating, by the second device, a second public key and a second private key, transmitting the second public key from the second device to the first device and transmitting the serial number, the first public key, the second public key and the second private key to a third device, establishing and authenticating a connection between the first device and the third device using the first public key and the second public key and transmitting encrypted configuration information with the two key pairs from the third device to the first device.
The prior art of record Marek; Adam (US 20140181513 A1) discloses various embodiments that are generally directed to pairing computing devices for collaborative interaction via a network through a centralized secure device pairing service. An apparatus comprises a controller processor circuit, and a controller storage communicatively coupled to the controller processor circuit to store an initial private key and to store instructions that when executed by the controller processor circuit cause the controller processor circuit to create a first signature using the initial private key, transmit the first signature to an issuing server via a network, receive a group public key and an associated member private key from the issuing server, create a second signature using the member private key, transmit the second signature to a member device via the network, receive a third signature from the member device, and authenticate the third signature using the group public key. Other embodiments are described and claimed herein.
The prior art of record Lambert; Robert J. (US 8621239 B2) discloses a method of inhibiting the disclosure of confidential information through power analysis attacks on processors in cryptographic systems. The method masks a cryptographic operation using a generator G. A secret value, which may be combined with the generator G to form a secret generator is generated. The secret value is divided into a plurality of parts. A random value is generated for association with the plurality of parts. Each of the plurality of parts is combined with the random value to derive a plurality of new values such that the new values when combined are equivalent to the secret value. Each of the new values is used in the cryptographic operation, thereby using the secret generator in place of the generator G in the cryptographic operation. The introduction of randomness facilitates the introduction of noise into algorithms used by cryptographic systems so as to mask the secret value and provide protection against power analysis attacks.
The prior art of record Vanstone; Scott Alexander et al. (US 8462944 B2) discloses a potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.
The prior art of record Natarajan; Vijayarangan (US 20120023336 A1) discloses a system and method for facilitating secure client server communication using elliptical curve cryptography and certificateless public key infrastructure. The system includes a secret key generation means which generates a secret key of m-bits based on the elliptic curve Diffie Hellman algorithm. The system further includes a session key generation means which makes use of said secret key and elliptic curve Diffie Hellman algorithm to generate a session key. The session key is used to facilitate secured communication between the client and the server.
The prior art of record Bugbee; Larry (US 20090185677 A1) discloses a method and system for securely communicating information via a low bandwidth channel that uses encryption that adds comparatively little overhead to the size of the transmission. This method and system efficiently take advantage of the properties of public key cryptography, a shared secret, a traffic key from the shared secret, an abbreviated initialization vector, and an abbreviated whole message signature. The information and the whole message signature are encrypted using the traffic key with a stream cipher.
The prior art of record Rong; Chunming et al. (US 20120269348 A1) discloses an invention relating to a system for securing an information unit and applications thereof. The system comprises at least one encrypting means for applying a first encryption key to the information unit, thus providing an encrypted information unit, wherein said at least one encryption means is adapted to apply at least two second information encryption keys to the encrypted information unit, said at least two second encryption keys being calculated so as to decrypt the encrypted information unit when all of said first and second encryption keys have been applied to the information unit, the encryption keys being distributed to chosen users of the system.
The prior art of record Hars; Laszlo et al. (US 20120278635 A1) discloses an apparatus and method for providing data security through cascaded encryption. In accordance with various embodiments, input data are encrypted in relation to a first auxiliary data value to provide first level ciphertext. The first level ciphertext are encrypted using a second auxiliary data value associated with a selected physical location in a memory to produce second level ciphertext, which are thereafter stored to the selected physical location. In some embodiments, migration of the stored data to a new target location comprises partial decryption and re-encryption of the data using a third auxiliary data value associated with a new target physical location to produce third level ciphertext, and the storage of the third level ciphertext to the new target physical location.
The prior art of record Hursti; Harri (US 20140195804 A1) discloses various embodiments for securely sending and receiving data between one or more clients. A ciphertext key suitable for use by a first encryption algorithm is generated. Plaintext data is encrypted according to the first encryption algorithm using the first encryption key. The ciphertext key is then encrypted using a second encryption algorithm configured with a recipient key to generate a recipient wrapper. The ciphertext data and the recipient wrapper are then transmitted to a remote computing device via a network.
The prior art of record Chui, Charles K. (US 20030076959 A1) discloses a method for secure transmission of a data message that locks, at the sender, the data message using a first lock. The locked data message is transmitted to the receiver. Next, the locked data message is double-locked, at the receiver, using a second lock. Then, this double-locked data message is transmitted back to the sender. The first lock of the double-locked data message is then unlocked, at the sender, using a first key, leaving the data message single-locked by the second lock. The single-locked data message is transmitted back to the receiver, where the second lock of the single-locked data message is unlocked, using a second key, to generate the data message, completing the secure transmission.
Based on the teaching of the above prior arts of record, although they are teaching similar subject matter, these prior arts of record Moret; Eric et al. (US 8429403 B2), Marek; Adam (US 20140181513 A1), Lambert; Robert J. (US 8621239 B2), Vanstone; Scott Alexander et al. (US 8462944 B2), Natarajan; Vijayarangan (US 20120023336 A1), Bugbee; Larry (US 20090185677 A1), Rong; Chunming et al. (US 20120269348 A1), Hars; Laszlo et al. (US 20120278635 A1), Hursti; Harri (US 20140195804 A1), and Chui, Charles K. (US 20030076959 A1), do not disclose these specific limitations of deriving, by a system-on-a-chip (SoC), a first symmetric ciphering key from a first elliptic curve Diffie Hellman (ECDH) key exchange with the device static private key, the device ephemeral private key, and the network public key; deriving, by the SoC, a second symmetric ciphering key from a second ECDH key exchange with the device static private key, the device ephemeral private key, and the server public key;  encrypting, by the SoC, at least the device identity with the first symmetric ciphering key to generate a first ciphertext; transmitting, by a radio in the wireless device and to the network, the device ephemeral public key and the first ciphertext, wherein the SoC sends the device ephemeral public key and the first ciphertext to the radio in the wireless device using a system bus; receiving, by the radio in the wireless device and from the network, a double-encrypted response; conducting, by the SoC, a first decryption of the double-encrypted response with the second symmetric ciphering key in order to read a second ciphertext, wherein the SoC receives the double-encrypted ciphertext from the radio in the wireless device using the system bus; and conducting, by the SoC, a second decryption of the second ciphertext with the first symmetric ciphering key in order to read a plaintext response (emphasis added), as set forth in claim 1.
These prior arts of record Moret; Eric et al. (US 8429403 B2), Marek; Adam (US 20140181513 A1), Lambert; Robert J. (US 8621239 B2), Vanstone; Scott Alexander et al. (US 8462944 B2), Natarajan; Vijayarangan (US 20120023336 A1), Bugbee; Larry (US 20090185677 A1), Rong; Chunming et al. (US 20120269348 A1), Hars; Laszlo et al. (US 20120278635 A1), Hursti; Harri (US 20140195804 A1), and Chui, Charles K. (US 20030076959 A1), also do not disclose these specific limitations of deriving a first symmetric ciphering key from a first elliptic curve Diffie Hellman (ECDH) key exchange with the device static public key, the device ephemeral public key, and the network private key, wherein the first server conducts the first ECDH key exchange; deriving, by the second server, a second symmetric ciphering key from a second ECDH key exchange with the device static public key, the device ephemeral public key, and the server private key, wherein an algorithm for the second ECDH key exchange is stored in a random access memory for the second server; decrypting, by a processor, the first ciphertext with the first symmetric ciphering key in order to read at least a device identity; encrypting, by the processor, a plaintext response with the first symmetric ciphering key in order to generate a second ciphertext, wherein the plaintext response comprises an instruction for an actuator in the wireless device; encrypting, by the second server, the second ciphertext with the second symmetric ciphering key in order to generate a double-encrypted response (emphasis added), as set forth in claim 11 and similar to claim 21.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."
Conclusion  
5.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to THANHNGA B TRUONG whose telephone number is 571-272-3858. 
		If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878.  The central fax number for the organization where this application or proceeding is assigned is 571-273-8300.
Any inquiry of a general nature or relating to the status of this application or proceeding should be directed to the receptionist whose telephone number is 571-272-2100.
/THANHNGA B TRUONG/Primary Examiner, Art Unit 2498
March 31, 2022