DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This initial written action is responding to the communication dated on 12/30/2020.
Claims 1-20 are submitted for examination.
Claims 1-20 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Priority
This application filed on December 30, 2020 does not claim any priority.

Information Disclosure Statement
The following Information Disclosure Statements in the instant application submitted in compliance with the provisions of 37 CFR 1.97, and thus, have been fully considered:
IDS filed on 30 December 2020.
IDS filed on 07 February 2022.
Examiner’s Note
Claims 8 recites, “A computer program product comprising: one or more computer readable storage media, and program instructions collectively stored on the one or more computer readable storage media…”. Paragraph 63 of the specification indicates that, “A computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire”. Thus claims 8-14 are compliant with 35 U.S.C. 101.
Claim 15 is a system claim. The system comprises one or more computer readable storage media that is defined in paragraph 63 of the speciation. Thus the Claims 15-20 are compliant with 35 U.S.C. 101software per se.

Claim Objection

Claim 8 is objected to because of the following informalities:  Claim 8 recites, “…the program instructions comprising: program instructions to publish a traditional public key in a traditional certificate and a PQC public key in a PQC certificate…”. Applicant is reminded that any acronym introduced for the first time is required to be specified in its entirety.   Appropriate correction is required.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 7-8 and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Truskovsky et al. (US PAT. # US 9,794,249, hereinafter “Truskovsky”), and further in view of Ramanathan et al. (US PAT. # US 11,366,897, hereinafter “Ramanathan”).

Referring to Claims 1, 8 and 15:
Regarding Claim 1, Truskovsky teaches,
A computer-implemented method comprising: 
publishing, by one or more processors, a traditional public key in a traditional certificate and a post quantum cryptographic (PQC) public key in a PQC certificate; (Fig. 3, CL(13), LN(1-32), “the example process 300 is used to issue a digital certificate that includes data objects (e.g., a public key, a certificate authority signature, etc.) for a first cryptosystem and data objects (e.g., a public key, a certificate authority signature, etc.) for a second, different cryptosystem”, “the first cryptosystem is a quantum-vulnerable cryptosystem and the second cryptosystem is a quantum-resistant cryptosystem”, Fig. 5, i.e. traditional public key and a post quantum cryptographic public key are published in a certificate).
encrypting, by one or more processors, data with a hybrid shared secret, (Fig. 4(432), CL(18), LN(44-67), CL(19), LN(1-5), “The encrypted message can be generated using an encryption algorithm and a public key. The relying entity 404 may, in some cases, encrypt the message with a symmetric key, and encrypt the symmetric key with the public key”, i.e. symmetric key is considered as a hybrid shared secret and the data is encrypted with the symmetric key) [the hybrid shared secret generated with a key derivation function by using a traditional shared secret based on the traditional public key and a PQC shared secret based on the PQC public key]; 
decrypting, by one or more processors, the data with the hybrid shared secret based on a traditional private key and a PQC private key; (Fig. 4(438), CL(19), LN(5-19),  “ decrypt a symmetric key with the private key, and then decrypt the message with the symmetric key“, i.e. Examiner submits that symmetric key is decrypted with first cryptosystem (traditional private key) and second cryptosystem (quantum resistant) private key) and 
signing, by one or more processors, the data with a traditional signature followed by a PQC signature. (Fig. 4(420), CL(18), LN(3-28), “the digital signature algorithm is associated with the first cryptosystem and therefore uses a key pair associated with the first cryptosystem, “the digital signature algorithm is associated with the second cryptosystem and therefore uses a key pair associated with the second cryptosystem”, i.e. message (data) is signed with first cryptosystem (traditional signature) and second cryptosystem (quantum resistant signature)). 
Truskovsky does not teach explicitly, 
[encrypting, by one or more processors, data with a hybrid shared secret], the hybrid shared secret generated with a key derivation function by using a traditional shared secret based on the traditional public key and a PQC shared secret based on the PQC public key;
However, Ramanathan teaches,
[encrypting, by one or more processors, data with a hybrid shared secret], the hybrid shared secret generated with a key derivation function by using a traditional shared secret based on the traditional public key (CL(20), LN(63-67), CL(21), LN(1-12), “a non-PQC communications channel may be a classical communications channel derived from a shared secret that is derived using a non-PQC cryptographic technique, such as a shared secret generated using DH”, i.e. shared secret is generated using DH (Diffie-Hellman) indicates that the shared secret is generated based on traditional public key)  and a PQC shared secret based on the PQC public key; (CL(21), LN(13-47), “a PQC communications channel may use a Key Agreement Scheme (e.g., SIDH, NewHopeDH) may allow both Alice and Bob to calculate the shared secret based on public parameters and public key that they exchange”, i.e. PQC shared secret is generated based on the PQC public key).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Ramnathan with the invention of Truskovsky.
Truskovsky teaches, encrypting and decrypting data with hybrid shared secret. Ramnathan teaches, generating hybrid shared secret key derivation function using traditional public key and PQC public key. Therefore, it would have been obvious to have generating hybrid shared secret key derivation function using traditional public key and PQC public key of Ramnathan with encrypting and decrypting data with hybrid shared secret of Truskovsky to support both traditional system and Quantum safe system for seamless migration of traditional system to Quantum safe system. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 8, it is a computer program product claim of above method Claim 1, and therefore Claim 8 is rejected with same rationale as applied against Claim 1 above.

Regarding Claim 15, it is a system claim of above method Claim 1, and therefore Claim 15 is rejected with same rationale as applied against Claim 1 above.
Truskovsky discloses, a processor and a memory if Fig. 1.


Referring to Claims 7 and 14:
Regarding Claim 7, rejection of Claim 1 is included and for the same motivation Truskovsky teaches,
The computer-implemented method of claim 1, wherein signing the data with the traditional signature followed by the PQC signature comprises: 
certificating validation of the traditional public key and the PQC public key; (Fig. 4(422), CL(18), LN(15-30), “certified entity 402 generates the digital signature using a private key associated with the second cryptosystem”, “In some examples, the certified entity 402 generates the digital signature using a private key associated with the first cryptosystem”)
verifying the traditional signature with the traditional public key over the data; (Fig. 4(428), CL(18), LN(29-45), “ the relying entity 404 verifies the digital signature using the public key associated with the first cryptosystem”, i.e. traditional signature is verified with traditional public key) and 
verifying the PQC signature with the PQC public key over the data concatenated to the traditional signature. (Fig. 4(428), CL(18), LN(29-45) “the digital certificate includes an extension that contains a public key associated with the second cryptosystem, and the relying entity 404 verifies the digital signature using the public key associated with the second cryptosystem”, i.e. PQC signature is verified with the PQC public key).

Regarding Claim 14, rejection of Claim 8 is included and Claim 14 is rejected with the same rationale as applied against Claim 7 above.

Claims 2, 5, 9, 12, 16 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Truskovsky et al. (US PAT. # US 9,794,249, hereinafter “Truskovsky”), and further in view of Ramanathan et al. (US PAT. # US 11,366,897, hereinafter “Ramanathan”), and further in view of Yingfang Fu (US PGPUB. # US 2018/0109377, hereinafter “Fu”).

Referring to Claims 2, 9 and 16:
Regarding Claim 2, rejection of Claim 1 is included and Truskovsky teaches,
The computer-implemented method of claim 1, wherein publishing the traditional public key and the PQC public key comprises: 
generating a traditional key pair, the traditional key pair including a traditional private key and the traditional public key; (Fig. 3(310), CL(13), LN(53-64), “the key pairs may be obtained by executing a key derivation protocol or another type of process.”, i.e. traditional key pairs are generated)
generating a PQC key pair, the PQC key pair including a PQC private key and the PQC public key; (Fig. 3(312), CL(13), LN(53-64), “may obtain a key pair associated with a lattice-based cryptosystem at 312 “, “the key pairs may be obtained by executing a key derivation protocol or another type of process.”, i.e. PQC key pairs are generated)
publishing the traditional public key in the traditional certificate; (Fig. 3, CL(13), LN(1-32), “the example process 300 is used to issue a digital certificate that includes data objects (e.g., a public key, a certificate authority signature, etc.) for a first cryptosystem and data objects (e.g., a public key, a certificate authority signature, etc.) for a second, different cryptosystem”, “the first cryptosystem is a quantum-vulnerable cryptosystem and the second cryptosystem is a quantum-resistant cryptosystem”, Fig. 5, i.e. traditional public key are published in a certificate) 
publishing the PQC public key in the PQC certificate; (Fig. 3, CL(13), LN(1-32), “the example process 300 is used to issue a digital certificate that includes data objects (e.g., a public key, a certificate authority signature, etc.) for a first cryptosystem and data objects (e.g., a public key, a certificate authority signature, etc.) for a second, different cryptosystem”, “the first cryptosystem is a quantum-vulnerable cryptosystem and the second cryptosystem is a quantum-resistant cryptosystem”, Fig. 5, i.e. a post quantum cryptographic public key are published in a certificate) and 
Combination of Truskovsky and Ramanathan does not teach explicitly,
securing the traditional private key and the PQC private key.
However, Fu teaches,
securing the traditional private key and the PQC private key. (¶65, “The TPM ensures secure storage and management of the share of the cloud private key”, ¶67, ¶81, Fig. 8B(826, 828), ¶87, “The cloud can then negotiate, using a QKD process, one or more quantum keys with the server (operation 826), and store the negotiated keys in its TPM (operation 828)”, i.e. traditional private key and PQC private key are stored securely).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Fu with the invention of Truskovsky in view of Ramanathan.
Truskovsky in view of Ramanathan teaches, encrypting and decrypting data with hybrid shared secret and generating hybrid shared secret key derivation function using traditional public key and PQC public key. Fu teaches, securely storing traditional private key and PQC private key. Therefore, it would have been obvious to have securely storing traditional private key and PQC private key of Fu into the teachings of Truskovsky in view of Ramanathan to keep adversary away from decrypting confidential data. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 9, rejection of Claim 8 is included and Claim 9 is rejected with the same rationale as applied against Claim 2 above.

Regarding Claim 16, rejection of Claim 15 is included and Claim 16 is rejected with the same rationale as applied against Claim 2 above.

Referring to Claims 5, 12 and 19:
Regarding Claim 5, rejection of Claim 1 is included and Truskovsky teaches,
The computer-implemented method of claim 1, wherein encrypting the data with the hybrid shared secret comprises: 
generating a new traditional key pair, the new traditional key pair including a new traditional private key and a new traditional public key; (Fig. 3(310), CL(13), LN(53-64), “the key pairs may be obtained by executing a key derivation protocol or another type of process.”, i.e. traditional key pairs are generated)
encrypting the data with the hybrid shared secret; (Fig. 4(432), CL(18), LN(44-67), CL(19), LN(1-5), “The encrypted message can be generated using an encryption algorithm and a public key. The relying entity 404 may, in some cases, encrypt the message with a symmetric key, and encrypt the symmetric key with the public key”, i.e. symmetric key is considered as a hybrid shared secret and the data is encrypted with the symmetric key) and 
Truskovsky does not teach explicitly, 
deriving the traditional shared secret with the traditional public key and the new traditional private key; 
discarding the new traditional private key; 
deriving the PQC shared secret with the PQC public key; 
deriving a new PQC public key with a PQC key encapsulation mechanism based on the PQC public key; 
generating the hybrid shared secret by using the key derivation function based on the traditional shared secret and the PQC shared secret; 
storing the new traditional public key, the new PQC public key, and the encrypted data, as an encoding.
However, Ramanathan teaches,
deriving the traditional shared secret with the traditional public key and the new traditional private key; (CL(20), LN(63-67), CL(21), LN(1-12), “a non-PQC communications channel may be a classical communications channel derived from a shared secret that is derived using a non-PQC cryptographic technique, such as a shared secret generated using DH”, i.e. shared secret is generated using DH (Diffie-Hellman) indicates that the shared secret is generated based on traditional public key)
discarding the new traditional private key; (Fig. 3(310), CL(61), LN(54-67), CL(62), LN(1-2) “As shown by operation 310, the apparatus 200 includes means, such as the cryptographic circuitry 216 or the like, for destroying the private cryptographic key”)
deriving the PQC shared secret with the PQC public key; (CL(21), LN(13-47), “a PQC communications channel may use a Key Agreement Scheme (e.g., SIDH, NewHopeDH) may allow both Alice and Bob to calculate the shared secret based on public parameters and public key that they exchange”, i.e. PQC shared secret is generated based on the PQC public key) 
deriving a new PQC public key with a PQC key encapsulation mechanism based on the PQC public key; (Fig. 8(804, 806), CL(72), LN(3-32), “the apparatus 200 includes means, such as the cryptographic circuitry 216 or the like, for generating a first pair of asymmetric cryptographic keys comprising a first public cryptographic key and a first private cryptographic key via a first post-quantum cryptographic (PQC) technique”, i.e. PQC public key is derived)
generating the hybrid shared secret by using the key derivation function based on the traditional shared secret and the PQC shared secret; (CL(20), LN(63-67), CL(21), LN(1-12), “a non-PQC communications channel may be a classical communications channel derived from a shared secret that is derived using a non-PQC cryptographic technique, such as a shared secret generated using DH”, CL(21), LN(13-47), “a PQC communications channel may use a Key Agreement Scheme (e.g., SIDH, NewHopeDH) may allow both Alice and Bob to calculate the shared secret based on public parameters and public key that they exchange”, i.e. shared secret is generated using DH (Diffie-Hellman) indicates that the shared secret is generated based on traditional public key and PQC shared secret)
[storing the new traditional public key, the new PQC public key], and the encrypted data, as an encoding. (Fig. 7(710), CL(70), LN(62-67), CL(71), LN(1-2), Fig. 8(814), CL(73), LN(36-49), i.e. encrypted data is stored).
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Ramnathan with the invention of Truskovsky.
Truskovsky teaches, encrypting and decrypting data with hybrid shared secret. Ramnathan teaches, generating hybrid shared secret key derivation function using traditional public key and PQC public key. Therefore, it would have been obvious to have generating hybrid shared secret key derivation function using traditional public key and PQC public key of Ramnathan with encrypting and decrypting data with hybrid shared secret of Truskovsky to support both traditional system and Quantum safe system for seamless migration of traditional system to Quantum safe system. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Truskovsky and Ramanathan does not teach explicitly,
storing the new traditional public key, the new PQC public key, [and the encrypted data, as an encoding].
However, Fu teaches,
storing the new traditional public key, the new PQC public key, (¶68, “trusted client 402 and trusted server 404 can store the encryption keys in a peripheral storage device. To maintain security, before storing the encryption keys in the peripheral device, the encryption keys can be encrypted using a key for trusted storage”, Fig. 8A, ¶86, i.e. public keys are stored) [and the encrypted data, as an encoding].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Fu with the invention of Truskovsky in view of Ramanathan.
Truskovsky in view of Ramanathan teaches, encrypting and decrypting data with hybrid shared secret and generating hybrid shared secret key derivation function using traditional public key and PQC public key. Fu teaches, securely storing traditional private key and PQC private key. Therefore, it would have been obvious to have securely storing traditional private key and PQC private key of Fu into the teachings of Truskovsky in view of Ramanathan to keep adversary away from decrypting confidential data. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 12, rejection of Claim 8 is included and Claim 9 is rejected with the same rationale as applied against Claim 5 above.

Regarding Claim 19, rejection of Claim 15 is included and Claim 19 is rejected with the same rationale as applied against Claim 5 above.

Claims 3-4, 6, 10-11, 13, 17-18 and 20 
Objected
Claims 3-4, 6, 10-11, 13, 17-18 and 20  are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Truskovsky et al. discloses, an example process 300 shown in FIG. 3 includes operations performed by an entity 302 and a certificate authority 304. In the example shown, the entity 302 and the certificate authority 304 represent two distinct entities in a public key infrastructure (PKI). The certificate authority 304 can be, for example, a root certificate authority or a subordinate certificate authority. The entity 302 can be a subordinate certificate authority or any other type of entity in a PKI (e.g., user, user account, device or machine, software module or other types of entity). In the example shown in FIG. 3, the certificate authority 304 issues a digital certificate to the entity 302. The digital certificate issued in the process 300 can be, for example, an end-entity certificate or a CA certificate. In some implementations, the example process 300 is used to issue a digital certificate that includes data objects (e.g., a public key, a certificate authority signature, etc.) for a first cryptosystem and data objects (e.g., a public key, a certificate authority signature, etc.) for a second, different cryptosystem. For example, the example process 300 may be used to issue one or more of the digital certificates shown in FIG. 5, 6, 7, 8, 9 or 10, or another type of digital certificate. The digital certificate issued in the example process 300 may be a hybrid digital certificate that is used during one or more phases of transition between the first and second cryptosystems. For instance, the digital certificate issued in the example process 300 may be used by one or more of the example system components shown in FIG. 2A after the phase 1 upgrade 222, the phase 2 upgrade 224 or another type of transition phase. In some examples, the first cryptosystem is a quantum-vulnerable cryptosystem and the second cryptosystem is a quantum-resistant cryptosystem. (Fig. 3, CL(13), LN(1-32), Fig. 5).  The encryption process 430 can include the use of an encryption algorithm for confidential correspondence. In some cases, the encryption algorithm is associated with the first cryptosystem and therefore uses a key pair associated with the first cryptosystem. In some cases, the encryption processes 430 can be used in a Transport Layer Security (TLS) protocol, for example, in a web browsing application, an e-mail application, a voice-over-IP (VoIP) application or another type of Internet application. In some cases, the encryption processes 430 can be used in another type of application or system. In some cases, the encryption algorithm is associated with the second cryptosystem and therefore uses a key pair associated with the second cryptosystem. In some examples, the encryption process 430 is performed by one or more applications such as, for example, a VPN application, a secure web browser application, a secure mail application or another type of application. In the example shown in FIG. 4, at 432 the relying entity 404 encrypts a message. The encrypted message can be generated using an encryption algorithm and a public key. The relying entity 404 may, in some cases, encrypt the message with a symmetric key, and encrypt the symmetric key with the public key. In some examples, the relying entity 404 generates the encrypted message using a public key associated with the second cryptosystem. In some examples, the relying entity 404 generates the encrypted message using a public key associated with the first cryptosystem. (Fig. 4(432), CL(18), LN(44-67), CL(19), LN(1-5)). As shown in FIG. 4, at 434, the relying entity 404 sends the encrypted message to the certified entity 402, and at 436, the certified entity 402 receives the encrypted message from the relying entity 404. At 438, the certified entity 402 decrypts the message using a private key. The certified entity 402 may, in some cases, decrypt a symmetric key with the private key, and then decrypt the message with the symmetric key. If the relying entity 404 encrypted the message using the first public key of the certified entity 402, the certified entity 402 uses its private key associated with the first cryptosystem to decrypt the message. If the relying entity 404 encrypted the message using the second public key of the certified entity 402, the certified entity 402 uses its private key associated with the second cryptosystem to decrypt the message. (Fig. 4(438), CL(19), LN(5-19)). 
Ramanathan et al. teaches, the term “non-PQC communications channel” refers to a communications channel (e.g., a wired or wireless communications channel) over which non-quantum data and signals are exchanged using one or more non-PQC cryptographic techniques that do not themselves directly rely on quantum properties. For example, the QC detection system described herein may implement a non-PQC communications channel by encrypting data based on a non-PQC cryptographic technique (e.g., RSA) and then transmitting the encrypted data over a non-PQC communications channel (e.g., an “in-band” communications channel) or, in some instances, by transmitting unencrypted, clear text data over the non-PQC communications channel. In some embodiments, a non-PQC communications channel may be a classical communications channel derived from a shared secret that is derived using a non-PQC cryptographic technique, such as a shared secret generated using DH. The term “PQC communications channel” refers to a communications channel (e.g., a wired or wireless communications channel) over which non-quantum data and signals are exchanged using one or more PQC cryptographic techniques (e.g., for authentication, encryption, or both) that do not themselves directly rely on quantum properties. For example, the QC detection system described herein may implement a PQC communications channel by encrypting data based on a PQC cryptographic technique (e.g., Dilithium II) and then transmitting the encrypted data over a classical back channel (e.g., an “out-of-band” communications channel). In some embodiments, a PQC communications channel may be based on an underlying Key Encapsulation Mechanism or Key Agreement Scheme. In some embodiments, a PQC communications channel may use a Key Encapsulation Mechanism (e.g., SIKE, NTRUPrime, Kyber) to encapsulate a shared secret and ensure its safe transmission between Alice and Bob. This shared secret subsequently will either (i) be used as a Symmetric Key (e.g., for Symmetric Key encryption) or (ii) be handed over to a Key Derivation Function to generate a shared encryption key. In some embodiments, a PQC communications channel may use a Key Agreement Scheme (e.g., SIDH, NewHopeDH) may allow both Alice and Bob to calculate the shared secret based on public parameters and public key that they exchange. Unlike Key Encapsulation Mechanisms, Key Agreement Schemes do not encapsulate the calculated shared secret with cipher text. Key Agreement Schemes may be extended to generate Ephemeral keys. In some instances, after the shared secret is calculated, the keys are destroyed to preserve perfect forward secrecy. In some embodiments, a PQC communications channel may be a classical communications channel derived from a shared secret that is derived using a Key Encapsulation Mechanism or a Key Agreement Scheme. (CL(20), LN(63-67), CL(21), LN(1-47)).
Fu teaches, a system and method for ensuring data and computation security. During operation, a server receives a key-negotiation request from a client and authenticates the client. In response to the client authenticating the server, the server negotiates, via a quantum-key-distribution process, a secret key shared between the client and the server; and stores the secret key in a trusted-computing module.
Goncalvers et al. (US PGPUB. # US 2020/0259647) discloses, a hybrid encryption scheme links a first public key encryption (PKE) scheme with a second PKE scheme through a true random or pseudo-random element, which is used by a sender to encapsulate a symmetrically encrypted message and its associated symmetric key to generate a pair of ciphertexts for transmission to a recipient. The recipient decrypts and decapsulates the ciphertexts, retrieves the random element, and may conduct one or more verification steps to ensure that the ciphertexts were well-formed, and to detect any re-encryption or encapsulation attacks. To encrypt a message, the message and initial random value are encrypted with a symmetric key to provide an intermediate ciphertext. The symmetric key and the encrypted message-value are each encapsulated by distinct algorithms using distinct values derived from the initial random value, such as different hashes, and public keys to provide first and second ciphertexts. (Abstract).
However, none of the art teaches the recited claim limitation for the claims 3-4, 6, 10-11, 13, 17-18 and 20.  
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Refer to PTO-892, Notice of References Cited for a listing of analogous art.
	Carter Jr. et al (US PAT. # US 11,343,270) discloses, an example method includes receiving data. The example method further includes retrieving policy information associated with the data. The example method further includes generating a set of policy attributes about the data based on the data and the policy information. Subsequently, the example method includes generating a risk profile data structure based on the set of policy attributes. The risk profile data structure may be indicative of a vulnerability of the data in a PQC data environment.
Phillip H. Griffin (US PAT. # US 10,742,420) discloses, an example method includes receiving a messageDigest attribute value comprising a hash of content. The messageDigest attribute value is digitally signed with a first private key associated with the message computing system using a quantum-resistant signature algorithm to generate a quantum-resistant digital signature value. A QSignerinfo type is generated that includes at least one of a public key identifier of the public key and the quantum-resistant digital signature value. A QSignerinfo attribute is generated that identifies the QSignerinfo type. The QSignerinfo attribute is transmitted to a recipient. the recipient digitally signs the QSignerinfo attribute with a second private key associated with the recipient using a quantum-vulnerable signature algorithm to generate a double signature value. Origin authenticity of the double signature value can be determined by using a second public key of the recipient, the second public key of a second public/private key pair including the second private key. 
Joel Alwen (US PGPUB. # US 2019/0245682) discloses, a method for exchanging encrypted communications using hybrid encryption. According to the present disclosure, a first device receives an encrypted communication from a second device. The encrypted communication includes a first encrypted secret, a second encrypted secret, a first signature, and a second signature. The first device verifies the first signature and the second signature, and, when the first and second signatures are valid, decrypts the first encrypted secret using a first encryption algorithm and the second encrypted secret using a second encryption algorithm. The first device combines the first decrypted secret and the second decrypted secret to recover a first communication and provides the first communication to a user of the first device.
Gutoski et al. (US PAT. # US 9,698,986) discloses, a  shared secrets for lattice-based cryptographic protocols are generated. In some aspects, a public parameter (a) is obtained, where the public parameter is an array defined for a lattice-based cryptography system. A first secret value (s) and a second secret value (b) are obtained. The first secret value is a second array defined for the lattice-based cryptography system, and is generated based on sampling an error distribution. The second secret value is a third array defined for the lattice-based cryptography system, and is a product of the first and second arrays (b←as). A public key ({circumflex over (b)}) is then generated by applying a compression function to the second secret value (b), and the public key is sent to an entity. A shared secret (μ) is then generated based on information received from the entity in response to the public key.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/          Primary Examiner, Art Unit 2498