DETAILED ACTION
This Non Final Office Action is in response to Application filed on 11/23/2020.
Claims 1-16 filed on 11/23/2020 are being considered on the merits.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Drawings
The drawings filed on 11/23/2020 are accepted.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 11/23/2020, 05/14/2021 and 06/22/2022 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, an initialed and dated copy of Applicant's IDS form 1449 filed 11/23/2020, 05/14/2021 and 06/22/2022 is attached to the instant Office action.

Specification
The disclosure is objected to because of the following informalities: Page 6 line 21 recites “receive transformation data step 50” should read “receive transformation data step 40”, consistent with Figure 1 (40).  
Appropriate correction is required.

Claim Objections
Claims 3, 10 and 16 are objected to because of the following informalities:
Claim 3 recites “a selected secret key”, it should read “a selected central secret key”, consistent with the recitations in claim 1, claim 3 further recites “and the device secret key of the user device”, it should read “and [[the]] a device secret key of the user device”, consistent with the preceding limitations in claim 3. The above remark is also applied to claim 10 with respect to “the device secret key”. For examination purpose, the above limitations would be interpreted as described in the below USC 103 rejection.
Claim 16 recites “A computer program product comprising a computer program according to claim 15 and a computer readable means on which the computer program is stored.” It is not clear from claim 16, as drafted, whether claim 16 is an independent claim or a dependent claim. If claim 16 is intended to be an independent claim, examiner recommends replacing “according to claim 15” with the actual limitations recited in claim 15.
Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 15-16 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Claim 15 recites in the preamble “a computer program…. Comprising computer program code…”, which under the broadest reasonable interpretation is considered program or software per se. Therefore claim 15 is non-statutory because it is directed towards program or software, per se, lacking storage on a medium, which enables any underlying functionality to occur. It is not clear whether instructions are in executable form and therefore there is no practical application.
Claim 16 as drafted implies that the program product is stored on a computer readable means, however, the specification of the instant application is not definitively clear as to what the “computer readable means” entails. For example, Page 11 line 6-17 recites examples of the “computer readable means”, e.g. DVD, Blu-Ray disk, USB however, the specification does not explicitly describe that the “computer readable means” excludes carrier wave or signal. Examiner recommends amending “computer readable means” with “non-transitory computer readable means”.
 


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-2, 8-9 and 15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
Claim 2 recites the limitations "the existing central secret key". Emphasis in italic. There is insufficient antecedent basis for these limitations in the claim. For examination purposes claim 2 will be read as “the [[existing]] first central secret key”, consistent with the recitation of claim 1. The above also applies to claim 9 with respect to claim 8.
Claims 1, 8 and 15 recite limitation, labeled as limitation B: “performing again the generating 
The “generating a second central secret key” in the preceding limitation, labeled as limitation A, is performed by applying the transformation data to a first central secret key, “wherein the transformation data is applied in reverse to how the same transformation data is applied by the first user device (2a) to a device secret key of the first user device…“, which seems to emphasize the generation to be based on transformation data applied and the first central secret key, wherein the transformation data is applied in reverse as compared to the application of the transformation data to the first user device secret key, 
whereas the “performing again the generating using secure communication between the key manager and the second user device, resulting in an evolved second device secret key and an evolved second central secret key”, emphasis in italic, seems to emphasize that “again the generating” is now associated with the second user device and the key manager using secure communication. However, 
reciting the “generating”, then followed by “performing again the generating” makes it unclear how the same generation in both limitations A and B, i.e. “generating…” and “again the generating” results into an evolved second device secret key and an evolved second central secret key. There seems to be missing steps pertaining to limitation B, by use of the secure communication and interaction between the second user device and the key manager, that is required to clarify how limitation B results into evolved second device secret key and an evolved second central secret key.
Page 8 line 1-12 of the specification of the instant application describes the motivation of “performing again the generating”, e.g. Page 8 line 5-7, 10-12 “ the second user device and the key manager might not be certain that the first user device actually deleted the second device secret key…the first user device is unable to generate the same second evolved device secret key”, however, there is no description in the instant application on how “performing again the generating” would result into evolved second device secret key and an evolved second central secret key. Therefore the scope of the claim is indefinite.  See MPEP 2173.05(p).
For examination purpose, “performing again the generating…”, will be interpreted as described in the below USC 103 rejection.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-16 are rejected under 35 U.S.C. 103 as being unpatentable over Zheng (US 8437474 B2), hereinafter Zheng in view of Kang et al. (US 20130205379 A1), hereinafter Kang, and further in view of Smith (US 20190349426 A1), hereinafter Smith.

Regarding claim 1 (Currently Amended), Zheng teaches a method for managing central secret keys of a plurality of user devices (Zheng Col. 2 line 57-63 “The individual private key uniquely identifies each group member. The group leader distributes the individual private keys to each of the group members. Each group member receives from a user a message encrypted using the group public key. Each of the group members uses its individual private key to decrypt the encrypted message sent by the user to the group.”, Col. 4 line 11-15 “FIG. 3 is a block diagram of illustrating a method of distributing a public-private key pair by the group leader 16 to the group members 18 (i.e. key manager) in accordance with step 23 of FIG. 2. The group leader 16 generates a public key for the group 14 and the individual private key 30 for each of the group members 18. ”): reverse 
receiving, transformation data and an identifier of a second user device(Zheng discloses Col. 4 line 45-66, Col. 5 line 1-40 receiving Z control data/data string and a unique ID for a device group member utilized by the group leader to compute the group member individual private key); 
obtaining (Zheng Col. 4 line 45-66 “ The group leader 16 also generates a pair of public and private exponents (e, d)…d is a master private key that is used to manufacture the private keys 30 for all of the group members 18… the group leader 16 utilizes the private exponent d to create a personalized decryption key 30, also referred to as an individual private key, for each of the group members. The decryption keys d.sub.i are computed according to the following equation (4): d.sub.i=d+HASH.sub.32(d,N,e,ID.sub.b,Z).times..phi.(N) (4)”, where the master private key, i.e. first central secret key, is utilized to create the individual private key d.sub.i, where the master private key d is used to create individual private keys that are associated with the singly public key as disclosed in Col. 2 line 57-63); 
generating (Zheng Col. 4 line 45- 66 “ The group leader 16 also generates a pair of public and private exponents (e, d)…d is a master private key that is used to manufacture the private keys 30 for all of the group members 18… the group leader 16 utilizes the private exponent d to create a personalized decryption key 30, also referred to as an individual private key, for each of the group members. The decryption keys d.sub.i are computed according to the following equation (4): d.sub.i=d+HASH.sub.32(d,N,e,ID.sub.b,Z).times..phi.(N) (4)”, where the individual private key, di, is generated by applying d and data string Z, transformation data, as disclosed in Col. 4 line 60-66), 

ensure the second central secret key and the second device secret key are also associated with the public key (Zheng discloses the intended use of creating the individual private keys of the group members as disclosed in equations 4 and 5 in Col. 4 and Col. 5, to ensure that the plurality of the individual private keys are associated with the singly public key, as disclosed in Col. 4 line 11-25)
storing (Zheng discloses the generated individual private key, associated with the respective group member, is generated by the equation in Col. 4 line 60, indicting storing the individual private key in order to subsequently distribute the individual private key to the respective member as disclosed in Figure 2 (22-23)); and 
performing again the generating evolved second device secret key and the evolved second central secret key also associated with the public key (Col. 6 line 12-23 “In the event of a key being disclosed to a third party, the group leader 16 may use p and q to identify the group member 18 who disclosed the decryption key so the group leader 16 knows which group member opened it. This can be accomplished by searching the list of member-decryption key pairs or recomputing the decryption key according to equation (6) to see which ID.sub.i will result in a d.sub.i that matches the disclosed private key. Thus, an advantage of the system and method of the present invention is that by sending a personalized decryption or individual private key, it is possible to identify the group member 18 who is the discloser.”, where the re-computation results in an evolved di, i.e. central secret key, that matches a disclosed di, device secret key, in a case where discloser is the second device, where the communication between the group leader and the group member communicate in a secure manner as disclosed in Col. 5 line 30-33 “Once the individual private keys d.sub.i have been computed according to one of the foregoing approaches, the group leader 16 then distributes the individual private keys d.sub.i to the i-th member in the group in a secure manner.”).
Zheng does not disclose the below limitations.
Kang discloses wherein the transformation data is applied in reverse to how the same transformation data is applied by the first user device (Kang illustrates in Figure 2: at the server 200: (a’=x+a), where (a’) is generated based on (a), interpreted as the first central secret key, and (x) interpreted as the transformation data, and at the client 100: (a=a’-x), where (a) is generated based on (a)’, interpreted as the first device secret key, and (x) interpreted as the same transformation data, where the operation/function on the (x) is performed in reverse, i.e. addition at the server and subtraction at the client).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Zheng to incorporate the teaching of Kang to utilize the above feature, with the motivation of determining whether authentication of a client has succeeded based on an error value, as recognized by (Kang Abstract and throughout).
Zheng in view of Kang do not disclose the below limitation.
Smith discloses receiving from a first user device…transformation data (Smith teaches [1028] “The new key 14308 may then be used as needed for access. A key offset may be used to generate multiple new keys, by changing the offset between the full fractional key 14302 and the local key 14304. In this example, a remote control node may send only an offset value for generating the new key.”, [1034] “offset values to the internal circular key generators may be dispatched to nodes. Further, although fractional keys may be dispatched to nodes, the nodes may generate their own keys, decreasing a need to send new keys to nodes. Key re-generation may be performed on a regular time-scheduled basis.”, nodes/devices, where the offset value is sent to, has to have been identified and their identifier is further indicated).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Zheng in view of Kang to incorporate the teaching of Smith to utilize the above feature, with the motivation of generating multiple new keys, as recognized by (Smith [1028] and throughout).
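The Zheng passages quoted in the claim 1 rejection above (equation (4) and the Col. 6 discloser identification) can be followed in a small worked example. This is an added illustration, not code from the Office Action, the application or any cited reference; the toy primes, member IDs, timestamp value Z and the use of truncated SHA-256 as HASH_32 are assumptions made here.

```python
import hashlib

# Constructed toy RSA parameters (far too small for real use).
P, Q = 61, 53
N = P * Q                      # modulus
PHI = (P - 1) * (Q - 1)        # phi(N)
E = 17                         # single group public exponent e
D = pow(E, -1, PHI)            # master private exponent d

# Constructed sample inputs: member IDs and control data Z (a timestamp).
MEMBERS = ["alice", "bob", "carol"]
Z = "2020-11-23T00:00:00Z"


def hash32(d, n, e, member_id, z):
    """Stand-in for HASH_32: first 32 bits of SHA-256 (assumption)."""
    data = f"{d}|{n}|{e}|{member_id}|{z}".encode()
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def member_key(member_id, z=Z):
    """Equation (4) as quoted: d_i = d + HASH_32(d, N, e, ID, Z) * phi(N)."""
    return D + hash32(D, N, E, member_id, z) * PHI


def encrypt(m):
    """Encrypt under the single group public key (e, N)."""
    return pow(m, E, N)


def decrypt(c, d_i):
    """Decrypt with any individual private key d_i.

    Works because d_i differs from d by a multiple of phi(N),
    so e * d_i is still congruent to 1 modulo phi(N).
    """
    return pow(c, d_i, N)


def trace_discloser(disclosed_key, member_ids, z=Z):
    """Recompute each member's d_i and return the ID whose key matches
    the disclosed key, or None if no member's key matches."""
    for member_id in member_ids:
        if member_key(member_id, z) == disclosed_key:
            return member_id
    return None


if __name__ == "__main__":
    c = encrypt(65)
    for mid in MEMBERS:
        print(mid, member_key(mid), decrypt(c, member_key(mid)))
    print("discloser:", trace_discloser(member_key("bob"), MEMBERS))
```

Every individual key decrypts what the one public key encrypts, yet each key value is distinct, which is what lets the key issuer attribute a leaked key to a member.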

Claims 8, 15, 16 are directed to a key manager, a computer program and computer program product, respectively, associated with the method claimed in claim 1. Claims 8 and 15 are similar in scope to claim 1, and are therefore rejected with the same rationale and motivation as claim 1.


Regarding claim 2 (Currently Amended), Zheng in view of Kang and Smith teaches the method according to claim 1, wherein [as a numerical offset] to the existing central secret key (Zheng discloses in Col. 4 line 45- 66 generating di by applying data string Z to the master private key d using a hash function).
Zheng in view of Kang do not disclose the below limitation.
Smith discloses utilizing a numerical offset to an existing key (Smith [1028] “The new key 14308 may then be used as needed for access. A key offset may be used to generate multiple new keys, by changing the offset between the full fractional key 14302 and the local key 14304. In this example, a remote control node may send only an offset value for generating the new key.”, [1034] “ offset values to the internal circular key generators may be dispatched to nodes.”, [1042] “the processor 902 to receive an offset value for the generation of a key from the full fractional key and a key stored in the device.”, further in [2521, 2523]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Zheng in view of Kang to incorporate the teaching of Smith to utilize the above feature, with the motivation of generating multiple new keys, as recognized by (Smith [1028] and throughout).

Claim 9 is directed to a key manager associated with the method claimed in claim 2. Claim 9 is similar in scope to claim 2, and is therefore rejected with the same rationale and motivation as claim 2. 
Regarding claim 3 (Currently Amended), Zheng in view of Kang and Smith teaches the method according to claim 1 or 2, further comprising the steps of: receiving (18) a request to perform a cryptographic action for one of the user devices (2a e), the request being associated with a particular one of the user devices (2a c) (Zheng Figure 1, Col. 4 line 6-11 “All group members 18 then receive the message as shown in step 24. Finally, each of the group members 18 uses its individual private key to decrypt the encrypted message sent by the user 12 to the group 14 as shown in step 25.”, user’s device corresponds to the particular device, where a user device 12 sends an encrypted message, considered as a request, to group members 14, Col. 5 line 44-46); 
selecting (50) a central secret key corresponding to the user device (2a) of the request, yielding a selected secret key; and cooperating (52) with the user device (2a) of the request, such that the selected central secret key is applied by the key manager (1) and the device secret key of the user device (2a) of the request is applied by the user device (2a) of the request, to thereby perform the cryptographic action (Zheng Figure 1, Col. 4 line 6-11 discloses each group member, including the group leader, selects its own individual private key, selected secret key, to cooperate with the encrypted message, as request, received from the user device 12, the user device is cooperating with the group members by utilizing the single public key associated with the individual private keys).

Claim 10 is directed to a key manager associated with the method claimed in claim 3. Claim 10 is similar in scope to claim 3, and is therefore rejected with the same rationale and motivation as claim 3. 

Regarding claim 4 (Currently Amended), Zheng in view of Kang and Smith teaches the method according to claim 3, wherein the step of cooperating ((Zheng Figure 1, Col. 4 line 6-11 “All group members 18 then receive the message as shown in step 24. Finally, each of the group members 18 uses its individual private key to decrypt the encrypted message sent by the user 12 to the group 14 as shown in step 25.”, user’s device corresponds to the particular device, where a user device 12 sends an encrypted message, considered as a request, to group members 14, Col. 5 line 44-46)); and 
transmitting (Zheng Col. 6 line 26-38 and Figure 4 illustrates the providing user with service, based on application server 48 decrypting a received tokens and communicating token with server 50).  

Claim 11 is directed to a key manager associated with the method claimed in claim 4. Claim 11 is similar in scope to claim 4, and is therefore rejected with the same rationale and motivation as claim 4. 
 
Regarding claim 5 (Currently Amended), Zheng in view of Kang and Smith teaches the method according to claim 3 or 1, wherein the cryptographic action is decrypting a set of data (Zheng Col. 4 line “All group members 18 then receive the message as shown in step 24. Finally, each of the group members 18 uses its individual private key to decrypt the encrypted message sent by the user 12 to the group 14 as shown in step 25.”, user’s device corresponds to the particular device).
Claim 12 is directed to a key manager associated with the method claimed in claim 5. Claim 12 is similar in scope to claim 5, and is therefore rejected with the same rationale and motivation as claim 5. 

Regarding claim 6 (Currently Amended), Zheng in view of Kang and Smith teaches the method according to any one of claims 3 to 5claim 3, 
Zheng in view of Kang do not disclose the below limitation.
Smith discloses wherein the cryptographic action is signing a set of data (Smith [0333] “Authenticating an object class may be facilitated using EPID (Enhanced Privacy ID), which is an asymmetric encryption system involving a single public key matched to multiple private keys. A signature generated by any of the private keys can be verified with the single public key. Thus, the group object 602 may have a single public key, while each of the atomic objects 604 and composite objects 606 are issued a unique private ID. The system is not limited to using EPID, but may use other identification techniques, such as shared access signatures.”).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Zheng in view of Kang to incorporate the teaching of Smith to utilize the above feature, with the motivation of verifying identification and verification of the signing source, as recognized by (Smith [0333] and throughout).

Claim 13 is directed to a key manager associated with the method claimed in claim 6. Claim 13 is similar in scope to claim 6, and is therefore rejected with the same rationale and motivation as claim 6. 

Regarding claim 7 (Currently Amended), Zheng in view of Kang and Smith teaches the method according to claim 1, wherein the transformation data comprises a numerical value (Zheng Col. 5 line 11-12 “An example of control data that might be used for Z is a timestamp”, where the time stamp comprises numerical time value).

Claim 14 is directed to a key manager associated with the method claimed in claim 7. Claim 14 is similar in scope to claim 7, and is therefore rejected with the same rationale and motivation as claim 7. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
KÄRKKÄINEN (US 20190379537 A1) discloses protecting usage of key store content, where keys are generated based upon key offsets.
Smith (US 20180091361 A1) discloses survivable networks that use opportunistic devices to offload services, where a group public key corresponding to multiple private keys may be used to define a trusted network group.
Nolan (US 20190034919 A1) discloses securing electronic wallet transactions, where a single public key is used for multiple private keys of different wallets.
Smith (US 20150079933 A1) discloses securely managed location-and-tracking service access, and further discloses an asymmetric key mechanism in which a plurality of private keys correspond to a single public key. Thus, a variety of TEEs may have unique private keys but function with the single public key.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BASSAM A NOAMAN/Examiner, Art Unit 2497