DETAILED ACTION
This Non Final Office Action is in response to Request for Continued Examination filed on 06/09/2022. Claims 1-25 filed on 06/09/2022 remain pending in the application.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawings filed on 07/02/2020 are accepted.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 06/09/2022 has been entered.

	
	

Examiner’s Note
The “computer readable storage medium” recited in claim 17 is a physical storage and “not to be construed as being transitory signals per se” as recited in [0125] of the instant application.

Response to Arguments
With respect to claim 1, applicant stated “Applicant amended claim 1 to include "slicing, by the first key unit, the reconstructed secret into a first new slice and a second new slice." The Advisory Action, p. 2, notes that the Office has withdrawn the § 102 rejection of claim 1 "in light of the current amendments to claim 1." However, the Advisory Action, p. 2, also asserts that "a previously cited prior art, NG, discloses a server that reconstructs a private key, which can perform recalculation of the constructed private key to split/slice the constructed private key…However, Applicant respectfully asserts that modifying Tegeder's system to implement the alleged teaching of Ng would render Tegeder' s system unsatisfactory for its intended purpose, which is prohibited by MPEP 2143.01.V. This is because the Office relies on Tegeder's "third party system 103" as anticipating the claimed "first key unit." In particular, Tegeder's system is designed to provide limited access to a given secret to a third party system; modifying Tegeder to enable the third-party system to split the constructed key would give the third party system significant influence and access to the system (as it would have access to slices of the key). See, e.g., Tegeder,…[0079]. As a result, Applicant respectfully asserts that the proposed combination of Tegeder and Ng is impermissible in view of MPEP 2143.01.V.”
Examiner respectfully disagrees. Examiner submits that the Tegeder discloses the encrypted key shares are received from the 102 system by the third party, where the third party decrypts the key shares and reassemble the key from the decrypted key shares. Therefore, the third party has access to the shares and the reassembled/reconstructed key, and subsequently using the reassembled key to decrypt the encrypted secret, as disclosed in e.g. [0059, 0071, 0082]. Examiner further submits that Tegeder does not disclose slicing the reconstruct key share after reconstructing, however, NG discloses slicing the reconstruct key share after reconstructing as described in the below rationale in claim 1, with the motivation of adding a new entity to hold a key slice, when one entity is damaged/failed. Furthermore, since the third party of Tegeder has control of and access to the key shares and the reassembled key, it would have been obvious for one of ordinary skill in the art to incorporate the teaching of NG to utilize the above feature, when one failed entity is detected and new entity is added.
With respect to claim 17, applicant requests further clarifications.
Examiner submits that Tegeder in view of Ng discloses the claim limitations of claim 17. Particularly, Tegeder discloses the first party, i.e. fist key unit, in [0040] the generation/obtaining of a gamma keys, corresponding to the secret, and generation of a beta keys, corresponding to group keys authority, and accordingly generating based on the beta keys a plurality of encrypted secret/key shares. Tegeder does not disclose receiving the beta keys from a different entity, i.e. group authority. However, Ng teaches receiving from a group authority key from a group authority as disclosed in [0051]. Please see detailed rationale and motivation in the USC 103 rejection below.
With respect to claim 11, the arguments presented by the applicant in Pages 9-10 pertaining to prior art Naqvi are moot since prior art NG is relied upon to disclose the argued limitations. Please see rationale and motivation in detailed rejection below. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 3-4, 6-7, 9, 17, 19-21 and 23-25 are rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of NG (US 20210028931 A1), hereinafter NG.

Regarding claim 1 (Previously Presented), Tegeder teaches a method of reconstructing a secret by a first key unit (Tegeder [0023] “a method for giving to a designated third party system (i.e. first key unit) access to a secret is provided”, [0036] discloses the third party reassembling the secret shares), 
the method comprising: 
receiving a first encrypted slice from a second key unit and a second encrypted slice from a third key unit (Tegeder Figure 1 discloses receiving, by third party system, response including encrypted secret shares, corresponding to 1st encrypted slice and 2nd encrypted slice, from trustee systems 102a-b in Figure 1, corresponding to 2nd key unit and 3rd key unit, [0058] “…the trustee system publishes a response message 114, which includes the secret share .sigma..sub.i, to a ledger 104b…the secret share .sigma..sub.i that is published in the response message 114 may be further encrypted by the trustee system using the second validation key .beta.* that is held by the trustee system 102.”, [0059] “…the ledger 104b to which the response message 114 is published may be a different ledger, as long as the ledger 104b is accessible to the third party system 103--in order to retrieve the secret shares .sigma..sub.i”, where each trustee system, e.g. server, stores one secret share as disclosed in e.g. [0031]); 
receiving one or more group authority keys from a group authority (Tegeder Figure 1 discloses receiving, by the third party system 103 from a first party system 101, i.e. group authority, a validation key beta, i.e. one or more group authority keys, Figure 2 [0042] “At step 203, the first party system 101 securely sends a message 111 to the third party system 103. The message includes a first validation key .beta. of the validation key pair .beta., .beta.* and the encrypted secret .gamma.(p). The third party system 103 stores this message 111 securely for future use.”); 
decrypting the first encrypted slice and the second encrypted slice using the one or more group authority keys; and reconstructing the secret based on the first decrypted slice and the second decrypted slice (Tegeder discloses decrypting each encrypted secret share at the third party system using the validation key beta, received by the third party system, Figure 2 [0071] “At step 211, once at least k out of the n trustee systems 102 have published response messages 114 and the response messages 114 have been validated and obtained by the third party system 113, the third party system 103 reassembles the secret shares .sigma..sub.i to reveal the encrypted second object key…If the second object key .gamma.* or the secret shares .sigma..sub.i were encrypted using the second validation key .beta.*, the third party system 103 uses the first validation key .beta. to decrypt the second object key .gamma.* or the secret shares .sigma..sub.i at the appropriate time. The third party system 103 then uses the revealed second object key .gamma.* to decrypt the encrypted secret .gamma.(p), which is previously received from the first party system 101.”).
Tegeder does not disclose the below limitation.
	NG discloses slicing, by the first key unit, the reconstructed secret into a first new slice and a second new slice (NG discloses a server that reconstructs a private key, which can perform recalculation of the constructed private key to split/slice the constructed private key, [0062] “The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters)…The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”, where the server that constructs a private key can subsequently perform the slicing of the key, with the motivation of adding a new key master unit to the group as recognized in [0061-0062].) 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Regarding claim 3 (Previously Presented), Tegeder in view of NG teaches the method of claim 1, further comprising: 
encrypting the first [new] slice and the second [new] slice (Tegeder [0047] “…the secret shares .sigma..sub.i themselves can be encrypted, using the second validation key f* [sic]”, where the first party system, based on the validation key, beta*, generates encrypted slices/shares of the .sigma. key/secret); 
transmitting the encrypted first [new] slice to the second key unit; and transmitting the encrypted second [new] slice to the third key unit (Tegeder [0050] “The first party system 101 securely transmits a message (.beta.*, .sigma..sub.i) 112 including the second validation key .beta.*, which is the counterpart of the first validation key .beta. transmitted to the third party, and one of the secret shares .sigma..sub.i to each of the n selected trustee systems 102a, 102c, 102d.”, trustee systems correspond to the second and third key unit).
While Tegeder disclose the aforementioned limitations, where slices are encrypted and transmitted to different trustee systems. Tegeder further discloses in [0030] the process rationalized in claim 1 may be “automatically repeated”, when the secret changed, indicating that the process of redistributing new secret shares/pieces as rationalized in claim 1 above is repeated, furthermore, Tegeder in [0034] disclose performing the above process for different secrets, where each trustee system 102a-d, corresponding to the second and third key units, hold more than one secret share for more than one secret indicating new secret slices generated for plurality of secret, however, Tegeder does not explicitly disclose slicing the reconstructed the secret, resulting into new slices. Emphasis in Italic.
NG disclose slicing the reconstructed secret into a first new slice and a second new slice and transmitting the first new slice to the second key unit and second new slice to the third key unit (NG discloses [0061] “When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters)…The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Regarding claim 4 (Original), Tegeder in view of NG teaches the method of claim 3, further comprising receiving one or more [new] group authority keys from the group authority, wherein the encrypting the first [new] slice and the second [new] slice is performed using the one or more [new] group authority keys (Tegeder Figure 1 discloses receiving, by the third party system 103 from a first party system 101, i.e. group authority, a validation key beta, i.e. one or more group authority keys, Figure 2 [0042] “At step 203, the first party system 101 securely sends a message 111 to the third party system 103. The message includes a first validation key .beta. of the validation key pair .beta., .beta.* and the encrypted secret .gamma.(p). The third party system 103 stores this message 111 securely for future use.”, where the secret shares .sigma..sub.i themselves are encrypted, based on the validation key, beta*, which generates encrypted slices/shares of the .sigma. key/secret).
  While Tegeder discloses the aforementioned limitations, where slices are encrypted and transmitted to different trustee systems. Tegeder further discloses in [0030] the process rationalized in claim 1 may be automatically repeated, when the secret changed, indicating that the process of redistributing new secret shares/pieces as rationalized in claim 1 above, 
furthermore, Tegeder in [0034] disclose performing the above process for different secrets, where each trustee system 102a-d, corresponding to the second and third key units, hold more than one secret share for more than one secret, however, Tegeder does not explicitly disclose new group authority keys, resulting into new slices. Emphasis in Italic.
NG discloses first new slice and a second new slice (NG discloses [0061] “When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters)…The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”).
NG further discloses one or more new group authority keys, the encrypting the first new slice and the second new slice is performed using the one or more new group authority keys ([0062] “The server 22 then changes the encryption key 34 of its configuration file 30 in Step 92, and distribute the new encryption key 34 to all other key masters 24 in Step 94”, where the process disclosed in [0062] and Figure 9 illustrates the new encrypted key fragments distributed, based on the encryption key required and compulsory by the server and its associated configuration file as further disclosed in [0013-0014, 0051], where the encrypting of the slices is based on the configuration file storing host servers public keys, where the configuration files accessed by the encryption key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Regarding claim 6 (Original), Tegeder in view of NG teaches the method of claim 3, further comprising: receiving a third encrypted slice from the second key unit; receiving a fourth encrypted slice from the third key unit; and storing the third encrypted slice and the fourth encrypted slice in a slice storage (Tegeder Figure 1 discloses receiving, by third party system, response including encrypted secret shares, corresponding to 1st encrypted slice and 2nd encrypted slice, from trustee systems 102a-b in Figure 1, corresponding to 2nd  key unit and 3rd key unit, [0058] “…the trustee system publishes a response message 114, which includes the secret share .sigma..sub.i, to a ledger 104b…the secret share .sigma..sub.i that is published in the response message 114 may be further encrypted by the trustee system using the second validation key .beta.* that is held by the trustee system 102.”, [0059] “…the ledger 104b to which the response message 114 is published may be a different ledger, as long as the ledger 104b is accessible to the third party system 103--in order to retrieve the secret shares .sigma..sub.i”, where each trustee system, e.g. server, stores one secret share as disclosed in e.g. [0031], 
[0034] discloses that each trustee system 102, where two of them corresponding to second and third key unit, hold more than one secret share for different secrets, where the additional secret shares for each trustee system correspond to the third and fourth secret share, where the third party receives third and fourth secret shares, corresponding to their pertinent secret, where the received shares ought to be stored at the third party in order to eventually be reassembled).  

Regarding claim 7 (Original), Tegeder in view of NG teaches the method of claim 6, 
Tegeder does not disclose the below limitations.
NG discloses further comprising: determining that the third key unit has failed; receiving a request from the group authority to transmit the fourth encrypted slice to a fourth key unit; and transmitting the fourth encrypted slice to the fourth key unit (NG discloses determining that a key master 24, corresponding to third key unit, has been damaged/not functional, [0062] “Turning to FIG. 9. If the distributed key management system of FIG. 1 encounters a situation that a key master 24 is lost from its user, damaged, or otherwise not functional to complete operations required for the distributed key management system, then this non-functional key master 24 should be prohibited from communicating with the server 22 regarding the distributed key management function to avoid security risks.”, [0061] “when adding a new key master 24 to the system, any existing key master 24 can initiate a request by submitting the new key master's public key to the server 22. Then, other existing key masters 24 in Step 80 send approval messages if it approves the addition of the new device …server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters).”, where a request is initiated by one existing key master, ac as a group authority, and authorizing adding/registering new key master to the group, after validation, the new key master, i.e. fourth key unit, receives an encrypted slice, corresponding to fourth encrypted slice, where communication between devices are encrypted as disclosed in [0051] ).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Regarding claim 9 (Original), Tegeder in view of NG teaches the method of claim 1, wherein the secret is a storage encryption key (Tegeder discloses in [0030-0031] the secret to be encryption key to decrypt stored secrets p).  

Regarding claim 17 (Previously Presented), Tegeder teaches a computer program product, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a computer to cause the computer to (Tegeder [0024] “a computer-readable medium is provided. The computer-readable medium comprises instructions which, when executed by a computer, cause the computer to carry out the method described...”, [0040] discloses first party system as a computer): 
Obtain, at a first key unit, a secret (Tegeder discloses in [0040] the first party system generating/getting/obtaining object key pair .gamma., .gamma.*, where the gamma key corresponds to a secret, “At step 201 of the method 200 shown in FIG. 2, the first party system 101 generates two pairs of asymmetric encryption keys: the object key pair .gamma., .gamma.* and a validation key pair .beta., .beta.*.”); 
[receive], at a first key unit, one or more group authority keys [from a group authority] (Tegeder discloses in [0040] the first party system generating/getting/obtaining validation key pair .beta., .beta.*, where the validation key pair, beta, correspond to one or more group authority keys, “At step 201 of the method 200 shown in FIG. 2, the first party system 101 generates two pairs of asymmetric encryption keys: the object key pair .gamma., .gamma.* and a validation key pair .beta., .beta.*.”); and 
generate, at a first key unit and based on the one or more [received] group authority keys, a plurality of encrypted slices of the secret (Tegeder [0046] “At step 204, the first party system 101 generates a plurality of secret shares .sigma..sub.i in a k, n secret sharing scheme, as described above with respect to FIG. 1, such that each secret share .sigma..sub.i includes an element of the second object key .gamma.*”, [0047] “…the secret shares .sigma..sub.i themselves can be encrypted, using the second validation key f* [sic]”, where the first party system, based on the validation key, beta*, generates encrypted slices/shares of the .sigma. key/secret, Tegeder discloses the first party, i.e. fist key unit, in [0040] the generation/obtaining of a gamma keys, corresponding to the secret, and generation of a beta keys, corresponding to group keys authority, and accordingly generating based on the beta keys a plurality of encrypted secret/key shares).  
Tegeder discloses generating beta., .beta.*, corresponding to the group authority keys at the first party, however, Tegeder does not disclose that the one or more group authority keys are received from a group authority.
NG discloses receiving group authority key from a group authority (NG discloses [0051] “…the server 22 possesses an encryption key 34 to encrypt the configuration file 30, and the server 22 shares the encryption key 34 with all key masters 24 that are registered with the server 22…If the server 22 needs to restart, it can't read the configuration file 30 and therefore it will require any key master 24 to unlock the server 22 by providing the encryption key 34 of the configuration file 30. Before the server 22 is unlocked, it cannot do anything except waiting to be unlocked. This prevents any unauthorized restart or code modification to the server 22 itself.”, where the key master responsible for transmitting encryption key, i.e. group authority key, corresponds to the group authority, where the encryption key is compulsory for the server to perform the operation of pertaining to distributed keys, as disclosed in [0013-0014, 0051]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of enhancing security This by preventing any unauthorized restart or code modification to the server, as recognized by (NG [0051]).

Regarding claim 19 (Original), Tegeder in view of NG teaches the computer program product of claim 17, 
wherein: the one or more group authority keys consist of a single group authority key; and the generating the plurality of encrypted slices includes: encrypting, using the single group authority key, the secret; and P202001751US01Page 42 of 45slicing the encrypted secret (Tegeder [0046] “At step 204, the first party system 101 generates a plurality of secret shares .sigma..sub.i in a k, n secret sharing scheme…As also mentioned above, the second object key .gamma.* may be encrypted using the third party's public key, .alpha..sub.3P*, or the second validation key .beta.*, which is provided to the trustee system before being split into the secret shares .sigma..sub.i by the first party system 101.”, where the second validation key .beta.*, corresponds to the single group authority key).  

Regarding claim 20 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the generating the plurality of encrypted slices includes: slicing the secret into a plurality of slices; and encrypting, using the one or more group authority keys, the plurality of slices (Tegeder [0046] “At step 204, the first party system 101 generates a plurality of secret shares .sigma..sub.i in a k, n secret sharing scheme, as described above with respect to FIG. 1, such that each secret share .sigma..sub.i includes an element of the second object key .gamma.*”, [0047] “…the secret shares .sigma..sub.i themselves can be encrypted, using the second validation key f* [sic]”, where the first party system, based on the validation key, beta*, generates encrypted slices/shares of the .sigma. key/secret).  

Regarding claim 21 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to transmit the plurality of encrypted slices to a plurality of key units (Tegeder Figure 2 [0049] “At step 205, the first party 101 chooses n trustee systems 102a, 102c, 102d from among the available trustee systems 102 to hold a single secret share .sigma..sub.i each. The n trustee systems chosen by the first party may be selected…”, where the trustee systems correspond to the plurality of units).

Regarding claim 23 (Previously Presented), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to: 
Receive, at the first key unit, a first encrypted slice from a second key unit and a second encrypted slice from a third key unit (Tegeder discloses in [0075] the first party system receiving encrypted shares/slices, sigma..sub.i, from various trustee systems, corresponding to a first and second key units, as disclosed in [0058], where the shares are received from the trustee system 102 comprising the second, third, etc. units, [0051] “…encrypting the second object key γ* using the third party's public key α.sub.3P*, ensures that even when the secret shares σ.sub.i have been re-assembled to reveal the encrypted second object key, i.e. α.sub.3P*(γ*) or β*(γ*), only the third party (or only the third party and the first party, when the second validation key β* is used to encrypt the second object key γ*) can obtain the second object key γ* from the secret shares σ.sub.i.”); 
store the first encrypted slice and the second encrypted slice (Tegeder discloses in [0075] the first party receiving the shares/slices in order to reconstruct and eventual recover access to the secret p, indicating the first party storing the secret shares/pieces to eventually use it for reconstructing an eventually becoming the secret p);
receive a request [from the group authority] to transmit the second encrypted slice to a replacement key unit; and transmit, responsive to the request, the second encrypted slice to the [replacement] key unit (Tegeder illustrates in Figure 1, in response to the 103 request, encrypted slices are transmitted from 102 to 103 as disclosed in [0034, 0058-0059]). 
Tegeder does not disclose the below limitations. Emphasis in italic.
NG discloses receive a request from the group authority to transmit the second encrypted slice to a replacement key unit; and transmit, responsive to the request, the second encrypted slice to the replacement key unit (NG [0061] “when adding a new key master 24 to the system, any existing key master 24 can initiate a request by submitting the new key master's public key to the server 22. Then, other existing key masters 24 in Step 80 send approval messages if it approves the addition of the new device and an approval message will include the necessary key fragment 36 held by the existing key master 24. When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters). The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”, the new key master corresponds to a replacement key unit and the particular existing key master submitting a request acts as a group authority, where shares are encrypted throughout the communication between the server and key masters as disclosed in [0049-0051], NG discloses in [0062] the case of removing a key master, e.g. key unit initially holding the second slice, and adding a new key master, e.g. replacement key unit, in which case, recalculation and then redistribution of a key fragment to the newly added key master can be the fragment replacing the removed key maser fragment).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of sending a key share in case one key master is damaged, as recognized by (NG [0062]).

Regarding claim 24 (Original), Tegeder in view of NG teaches the computer program product of claim 23, wherein the instructions further cause the computer to: 
Tegeder does not disclose the below limitations.
NG discloses receive a replacement slice from the replacement key unit, and replace the first encrypted slice with the replacement slice (NG [0061-0062] disclose adding new key masters and removing key masters, which results into recalculation and distribution of key fragments, for example based on the teaching of NG in the above paragraphs, if there are two key masters: one key master A holding the first slice and one key master B recently added as discussed in claim 23. Then, if there is a newly added key master C to replace the key master A holding the first slice, then the server receives key slice from key master B, i.e. replacement slice, then the server recalculates and redistribute two key fragments/slices between key master B and C, one key fragment can be the replacement slice provided to key master C, i.e. the replacement slice replaces the first slice in key master C).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of sending a key share in case one key master is damaged, as recognized by (NG [0062]).

Regarding claim 25 (Original), Tegeder in view of NG teaches the computer program product of claim 24, 
wherein the instructions further cause the computer to: 
Tegeder does not disclose the below limitations.
NG discloses receive one or more new group authority keys from the group authority (NG discloses in [0051] receiving, by the server, from one key master, corresponding to a group authority, an encryption key corresponding to one or more group authority keys, where the encryption key is renewed/changed when removing/adding master key units as disclosed in [0062]), 
generate, based on the one or more group authority keys, one or more new encrypted slices of the secret; and transmit at least one of the one or more new encrypted slices to the replacement key unit (NG discloses in [0013] the server conducting operations when unlocked by the encryption key, [0062] further discloses removing/adding key masters results in changing encryption key and recalculation and redistribution of “new” key fragments/slices to key masters, where the redistribution of the key fragments can result into sending a new key fragment to a recently added key master, corresponding to replacement key unit).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Claim 2, 5 and 18 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder, NG (US 20210028931 A1), hereinafter NG and further in view of Yoo (US 20170019385 A1), hereinafter Yoo.

	Regarding claim 2 (Original), Tegeder in view of NG teaches the method of claim 1, further comprising: 
Tegeder discloses the aforementioned limitations, and further disclose the concept of group authority keys utilized for decrypting secrets, however, Tegeder in view of NG do not disclose the below limitations. Emphasis in Italic.
Yoo discloses generating a first fingerprint of the encrypted first slice and a second fingerprint of the encrypted second slice (Yoo [0067] “…the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100 corresponding to the group authority, where the hash value of the key pieces, i.e. first key piece and second key piece, correspond to the first fingerprint of the previously encrypted first slice and the second fingerprint of the previously encrypted second slice, respectively, consistent with the use of a hash function for fingerprints on key pieces, as disclosed in [0045] of the instant application, the encrypted slices are decrypted and hashed, i.e. fingerprint of the previously encrypted slice); and 
sending the first fingerprint and the second fingerprint to the group authority (Yoo [0067] “…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”), 
wherein the receiving the one or more group authority keys is in response to the group authority validating the first fingerprint and the second fingerprint (Yoo further discloses in Figure 5 transmitting secret service key, received by the service device 400, as disclosed in [0083], in response to the validation of hash values, fingerprint, of the key pieces as illustrated in S235 of Figure 5, where the secret service key is used by the service to reveal secret information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of Yoo to utilize the above feature, with the motivation of enhancing security by validating hash values of key pieces, as recognized by (Yoo Figure 5).

Regarding claim 5 (Original), Tegeder in view of NG teaches the method of claim 3, 
Tegeder in view of NG do not disclose the below limitations. 
Yoo discloses further comprising: generating a first new fingerprint of the encrypted first new slice; generating a second new fingerprint of the encrypted second slice (Yoo [0067] “Next, the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100 corresponding to the group authority, where the hash value of the key pieces, i.e. first key piece and second key piece, correspond to the first fingerprint of the encrypted first slice and the second fingerprint of the encrypted second slice, respectively, Yoo further discloses generating hash values from master key pieces, Yoo further discloses that the master key is required to be renewed, [0052, 0115] “the key access server 100 receives the random seed from the host servers 200 that are stably connected at the time when a new master key is required” indicating that the process illustrated in Figure 4 is performed including receiving “new” hash values (S140) of the master key pieces); and 
transmitting the first new fingerprint and the second new fingerprint to the group authority (Yoo [0067] “…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”, where renewing master key results into new hash values of master key pieces).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG to incorporate the teaching of Yoo to utilize the above feature, with the motivation of validating master key pieces and reducing a possibility of predicting a value of the generated master key, as recognized by (Yoo [0115]).

Regarding claim 18 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to: 
Tegeder in view of NG do not disclose the below limitations.
generate one or more fingerprints based on the secret key; and transmit the one or more fingerprints to the group authority (Yoo [0067] “Next, the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140)…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100, where the hash value of the key pieces, i.e. first key piece and second key piece, correspond to the first fingerprint of the encrypted first slice and the second fingerprint of the encrypted second slice).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG to incorporate the teaching of Yoo to utilize the above feature, with the motivation of enhancing security by validating hash values of key pieces, as recognized by (Yoo Figure 5).
  
Claims 8 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder, NG and further in view of Yoo (US 20170019385 A1), hereinafter Yoo, Machani et. al. (US 9954680 B1), hereinafter Machani and Li et. al. (US 20200195621 A1), hereinafter Li.

Regarding claim 8 (Original), Tegeder in view of NG teaches the method of claim 1, further comprising:
Tegeder in view of NG do not explicitly disclose the below limitations.
 Yoo discloses storing the reconstructed secret in a secret access control unit (Yoo disclose soring in memory based database 700, corresponding to the secret access control unit, the reconstructed master key repeatedly used in order to improve an access speed of the key access sever 100 to the master key, [0047] “A memory based database 700 may store the master key repeatedly used by the key access server 100 in a memory therein, in order to improve an access speed of the key access sever 100 to the master key…the memory based database 700 may store the master key reconstructed by the key access server 100.”); 
receiving request from a user, and responding to the request using the reconstructed secret (Yoo [0047] “the memory based database 700 may store the master key reconstructed by the key access server 100. The memory based database 700 may receive a request for a master key from the key access server 100. The memory based database 700 may transmit to the key access server 100 the master key stored in the memory in response to the request for the master key.”, where the request from the access server is further in response to request from service device by the user to retrieve service key as disclosed in [0007,0008, 0047]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of Yoo to utilize the above feature, with the motivation of improving access speed, as recognized by (Yoo [0047]).
While Yoo discloses the above limitations, where a server device requesting reconstructed master key, and the reconstructed master key is received in response to the request, however, Yoo does not disclose that the reconstructed master key is encrypted, and then decrypted by a key from a distinct device.
Machani discloses encrypting reconstructed secret, and decrypting the reconstructed secret using a user key (Machani discloses a managed device 24 receiving an encrypted reconstructed encryption key and decrypting the reconstructed encryption key using the private key of the Managed Device 24, Col. 8 line 65-67 and Col. 9 line 1-8 “When Managed Device 24 receives Reconstructed Master Encryption Key 212, it may use its private key to decrypt Reconstructed Master Encryption Key 212. Managed Device 24 may then use the decrypted Reconstructed Master Encryption Key 212 to complete its startup.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG and Yoo to incorporate the teaching of Machani to utilize the above feature, with the motivation of enhancing security by protecting a key store and using the decrypted reconstructed key for encrypting sensitive information during startup operation, as recognized by (Machani Col. 9 line 1-10).
Tegeder in view of Yoo and Machani do not explicitly disclose request including a user key.
Li discloses request include a user key (Li disclose in [0006] sending a request that includes a user key, where the user key is used to decrypt a server key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG, Yoo and Machani to incorporate the teaching of Li to utilize the above feature, with the motivation of providing control of sensitive data by encrypting and decrypting the sensitive information using multiple authority keys, as recognized by (Li [0005]).

Claims 10 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder, NG and further in view of Orsini (US 20110202755 A1), hereinafter Orsini.

Regarding claim 10 (Original), Tegeder teaches the method of claim 1, 
Tegeder in view of NG do not disclose the below limitation.
Orsini discloses wherein the group authority is a certificate authority (Orsini discloses in [0550] the group authority, which may be root certificate authorities are used to provide certificates to secret shares for encrypting the secret shares).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG to incorporate the teaching of Orsini to utilize the above feature, with the motivation of distributing trust among a set of certificate authorities in the structure of the communication channel, as recognized by (Orsini Abstract).

  Claims 11-14 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over NG (US 20210028931 A1), hereinafter NG, in view of Naqvi et. al. (US 20210034299 A1), hereinafter Naqvi (Note: Citation from us-provisional-application US 62879642), and further in view of Yoo (US 20170019385 A1), hereinafter Yoo.

Regarding claim 11 (Previously Presented), NG teaches a system (NG illustrates a system in Figure 1), comprising: 
a memory; and a central processing unit (CPU) coupled to the memory, the CPU configured to execute instructions to (NG Figure 1 and [0049] “Referring now to FIG. 1…a distributed key management system which contains a server 22, a key consumer 20, and a plurality of key masters 24.”, components of the system perform process and instructions indicating a computer with memory and processor, e.g. consumer corresponding to a computer system, key masters corresponding to android smartphones as disclosed in [0049, 0051, 0063]): 
determine that a key unit storing a secret has failed, the key unit included in a group (NG [0033] “ if an existing key-holding device is lost or damaged and must be removed from being able to communicate with the server, this also requires a sufficient number of existing key-holding devices to approve.”, [0062] “ If the distributed key management system of FIG. 1 encounters a situation that a key master 24 is lost from its user, damaged, or otherwise not functional to complete operations required for the distributed key management system, then this non-functional key master 24 should be prohibited from communicating with the server 22 regarding the distributed key management function to avoid security risks… the server 22 in Step 90 then removes the public key of the non-functional key master 24 from its configuration file 30, resulting in the non-functional key master 24 not being able to access the server 22 again.”, where the system determines a particular key master has failed, and accordingly removing its public key from the server’s configuration file, as illustrated in Figure 9 (88-92)); 
identifying, responsive to the determining, a replacement key unit (NG [0062] “a new key master 34 will be added shortly after a non-functional key master 34 is removed”, [0064] “An on-screen button 106 is provided for the current key master to add a new key master into the system, similar to Step 78 in FIG. 8. An “Add Device” request will then be shown on all key masters' home page 96 and waiting to be approved”, where the existing key masters identifies and approves the new/replacement key unit as illustrated in Figure 8 (78-82) and [0061] “when adding a new key master 24 to the system, any existing key master 24 can initiate a request by submitting the new key master's public key to the server 22. Then, other existing key masters 24 in Step 80 send approval messages if it approves the addition of the new device” ); 
transmitting, responsive to the identifying, a signal to the group, the signal indicating that the replacement key unit [is to reconstruct the secret] (NG [0064] “An on-screen button 106 is provided for the current key master to add a new key master into the system, similar to Step 78 in FIG. 8. An “Add Device” request will then be shown on all key masters' home page 96 and waiting to be approved”), 
responsive to the validation, transmit one or more stored group authority keys to the replacement key unit (NG [0062] “The server 22 then changes the encryption key 34 of its configuration file 30 in Step 92, and distribute the new encryption key 34 y to all other key masters 24 in Step 94”, where the server transmits a new encryption key, one or more stored group authority keys, to all registered key masters, including the newly registered key master as illustrated in Figure 8 (82) and [0051] “server 22 shares the encryption key 34 with all key masters 24 that are registered with the server 22”).
NG discloses distributing encryption keys to key masters, however, NG does not explicitly disclose the below limitation.
Naqvi discloses transmitting a signal to the group, the signal indicating that the replacement key unit is to reconstruct the secret (Naqvi Figure 3 illustrates that responsive to replacing the original user device, with a new user device, the custodian sends a signal challenge with signature of Z3  in step 4 and a signal challenge with signature of Z4 in step 7, and accordingly the new/replacement user device sends a signal to the remaining storage nodes in steps 11 and 14  to retrieve the key fragments, as disclosed in Page 11 line 9-13).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified NG to incorporate the teaching of Naqvi to utilize the above feature, with the motivation of replacing lost or corrupted device, as recognized by (Naqvi Page 10 lines 9-24, Page 11 line 1-17 and throughout).
While NG discloses consensus approval as a form of validation and further discloses “” , and Naqvi discloses a form of validation, by a custodian and the storage nodes, and accordingly, transmit newly calculated key fragment to a newly added user device, replacement key unit, (Naqvi illustrates in Figure 3 steps 10 and 13, the storage nodes validate the signal from the new/replacement user device and accordingly collectively transmit the key fragment to construct the cryptographic key for the user device, as disclosed in Page 5 line 1-14, in response to the overall validation, receiving by the new/replacement user device a reassembled key), however, NG in view of Naqvi does not disclose the below validation.
Yoo discloses receive fingerprints of encrypted key slices from a replacement key unit; validate the received fingerprints, the validating including comparing the received fingerprints to stored fingerprints stored in a fingerprint storage (Yoo [0067] “…the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140)…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified NG in view of Naqvi to incorporate the teaching of Yoo to utilize the above feature, with the motivation of enhancing security by validating hash values of key pieces and ensuring the key pieces is associated with their hash values, as recognized by (Yoo Figure 5).

Regarding claim 12 (Original), NG in view of Naqvi and Yoo teaches the system of claim 11, wherein the CPU is further configured to: add the replacement key unit to the group; and validate an identity of the replacement key unit (NG [0062] “a new key master 24 will be added shortly after a non-functional key master 34 is removed”, [0064] “An on-screen button 106 is provided for the current key master to add a new key master into the system, similar to Step 78 in FIG. 8. An “Add Device” request will then be shown on all key masters' home page 96 and waiting to be approved”, where the existing key masters identifies and approves/validate the new/replacement key unit as illustrated in Figure 8 (78-82) and [0061]).

Regarding claim 13 (Original), NG in view of Naqvi and Yoo teaches the system of claim 11, wherein the CPU is further configured to: 
generate one or more new group authority keys; and transmit the one or more new group authority keys to the replacement key unit (NG [0062] “The server 22 then changes the encryption key 34 of its configuration file 30 in Step 92, and distribute the new encryption key 34 y to all other key masters 24 in Step 94”, where the server transmits a new encryption key, one or more stored group authority keys, to all registered key masters, including the newly registered key master as illustrated in Figure 8 (82) and [0051] “server 22 shares the encryption key 34 with all key masters 24 that are registered with the server 22”).

Regarding claim 14 (Previously Presented), NG in view of Naqvi and Yoo teaches the system of claim 12, wherein the CPU is further configured to: 
NG discloses a new key master, where it is approved/validated by existing key masters, Naqvi discloses a new user device, to replace a lost/corrupted user device, where the new user devices is authenticated by the custodian and the storage nodes, however, NG in view of Naqvi do not disclose utilizing hash values of key pieces/shares, i.e. fingerprints. Emphasis in Italic.
Yoo discloses receive new fingerprints from the replacement key unit; and store the new fingerprints in a fingerprint store (Yoo [0067] “Next, the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100 corresponding to the group authority, where the hash value of the key pieces correspond to the fingerprint, Yoo further discloses generating hash values from master key pieces, Yoo further discloses that the master key, divided into key pieces, is required to be renewed, [0052, 0115] “the key access server 100 receives the random seed from the host servers 200 that are stably connected at the time when a new master key is required” indicating that the process illustrated in Figure 4, for distributing the new master key pieces, is performed including receiving “new” hash values (S140) of the master key pieces) in order to be able to perform and complete the operation illustrated in Figures 4 and 5). 
 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified NG in view of Naqvi to incorporate the teaching of Yoo to utilize the above feature, with the motivation of validating master key pieces and reducing a possibility of predicting a value of the generated master key, as recognized by (Yoo [0115]).

Regarding claim 16 (Original), NG in view of Naqvi and Yoo teaches the system of claim 11, wherein the secret is a storage encryption key (Naqvi discloses in Page 4 line 16-21 the private key, i.e. secret, to access an account and authenticate/validate transactions, Page 5 line 1-8, 14-22 discloses fragmenting the private key distributed and eventually combined to be used for accessing the account).    

Claims 15 is rejected under 35 U.S.C. 103 as being unpatentable over NG (US 20210028931 A1), hereinafter NG in view of Naqvi et. al. (US 20210034299 A1), hereinafter Naqvi (Note: Citation from us-provisional-application US 62879642), Yoo (US 20170019385 A1), hereinafter Yoo, and further in view of Orsini (US 20110202755 A1), hereinafter Orsini.

Regarding claim 15 (Previously Presented), NG in view of Naqvi and Yoo teaches the system of claim 11, 
Naqvi in view of Yoo do not disclose the below limitation.
Orsini discloses wherein the system is a certificate authority (Orsini discloses in [0550] the group authority, which may be root certificate authorities are used to provide certificates to secret shares for encrypting the secret shares).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified NG in view of Naqvi and Yoo to incorporate the teaching of Orsini to utilize the above feature, with the motivation of distributing trust among a set of certificate authorities in the structure of the communication channel, as recognized by (Orsini Abstract).

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of NG (US 20210028931 A1), hereinafter NG, and further in view of Juels et. al (US 8031875 B1), hereinafter Juels.

Regarding claim 22 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to: 
Tegeder does not explicitly disclose the below limitations.
NG discloses generate, based on the encrypted slices [and an error correcting code], a second plurality of slices; and transmit the second plurality of slices to a plurality of key units (NG discloses recalculating/generating share secrets, i.e. second plurality of slices, based on receiving from other key masters, enough number of share secrets, original plurality of slices, and then transmit the recalculated/generated shared secrets to the key masters, [0061] “When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters). The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”, where the secret shares are encrypted during transmission as disclosed in [0051]).
  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).
Tegeder in view of NG do not disclose generation of shares/slices based on error correcting code. Emphasis in italic.
Juels discloses generate, based on an error correcting code, a second plurality of slices; and transmit the second plurality of slices to a plurality of key units (Juels discloses in Col. 2 line 5-15 generating small shares of an encryption key utilizing an error correction code, e.g. Reed-Solomon, “Improvements are directed to techniques which involve encryption of data using an encryption key, and then secret sharing of that encryption key using error correction code (ECC) encoding. In particular, use of certain types of ECC encoding such as Reed-Solomon encoding is capable of providing extremely small shares (e.g., "tiny shares") but nevertheless delivers an acceptable level of information security”, Figure 3 (130) illustrates storing the different shares on different memory devices, i.e. key units).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG to incorporate the teaching of Juels to utilize the above feature, with the motivation of providing tiny shares and delivering acceptable level of information security, as recognized by (Juels Col. 2 line 5-15).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BASSAM A NOAMAN/Examiner, Art Unit 2497