DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Thomas Dienwiebel on 07/21/2022.
The application has been amended as follows: 
12.	(Currently Amended) A vehicle with at least one processor, wherein the processor is configured for use in protected communication between the vehicle and an external server, and wherein the processor is further configured for:
obtaining, from a protected memory area, at least one cryptographic key derived from at least one master key and a current key state;
obtaining, from another memory area, a master key reference, associated with the at least one master key;
obtaining from the other memory area, a current key state of the vehicle;
signing, with the derived cryptographic key, current key state of the vehicle; and
transmitting the message to an external server to allow authentication of the signed message from the vehicle by the server.

22.	(Currently Amended) A vehicle with at least one processor, wherein the processor is configured for use in protected communication between the vehicle and an external server, and wherein the processor is further configured for:
obtaining, from a protected memory area, at least one cryptographic key derived from at least one master key and a current key state;
obtaining, from another memory area, a master key reference, associated with the at least one master key;
obtaining from the other memory area, a current key state of the vehicle;
encrypting, with the cryptographic key, a message, wherein the message is additionally provided with the master key reference and the current key state of the vehicle, wherein the master key reference and the key state of the vehicle are transmitted unencrypted; and
transmitting the message to an external server to allow decryption of the encrypted message from the vehicle by the server.


Response to Amendment
Claims 1-10 and 12-22 are pending. Claims 1, 9, 12 and 19-22 are currently amended. Claim 11 is canceled. 
Applicant’s amendments to the claims and abstract will overcome each and every claim objection, 101 and 103 rejection, previously set forth in the Final Office Action mailed 05/16/2022. 


Allowable Subject Matter
Claims 1-10 and 12-22 are allowed.


Examiner’s Statement of Reasons for Allowance
The following is an examiner's statement of reasons for allowance: After further search and consideration and applicant remarks put forth in the Remarks of 01/28/2022 on pages 8-12, the prior art either taken alone or in combination neither anticipates nor renders obvious the claimed subject matter of the instant application.

The prior art TAKEMORI et al. (US Pub No. 2019/0238325) discloses a communication system that allows communication between a vehicle and a server device. This communication system includes: the server device; a first arithmetic processing device installed in the vehicle; and a second arithmetic processing device that is a secure element and is installed in the vehicle. The second arithmetic processing device includes: a vehicle key storage unit that stores a first key and a second key; a vehicle authentication processing unit that performs authentication with the server device using the first key; and a vehicle key transmission/reception unit that transmits or receives a third key to or from the server device by encryption communication which uses the second key. The first arithmetic processing device includes a vehicle communication unit that performs encryption communication with the server device using the third key (TAKEMORI, Abstract).

CHENNAKESHU (US Pub No. 2017/0200324) discloses vehicle data can be encrypted at block  with an identifier of a current driver, for example, log-in identifier and/or driver identification data, which can also be stored at server. Hence, when server decrypts vehicle data, an identifier of a current driver can be determined. Similarly, encrypted vehicle data can be transmitted with an unencrypted identifier of a current driver and the unencrypted identifier of a current driver can be used by server to determine which key to use to decrypt encrypted vehicle data. Indeed, in some implementations, encrypted vehicle data can include the encrypted identifier of a current driver and can also be transmitted with the unencrypted identifier of a current driver such that when encrypted vehicle data is decrypted, the two identifiers can be compared as a verification and/or as an integrity check. In yet a more complicated embodiment the driver identifier and vehicle data can be hashed and signed by the key and the signed hash together with the unsigned data can be sent to the server. The server decrypts the signed hash using the corresponding private key, then hashes the unsigned data using a similar hash algorithm and compares the two hashes. If they correspond there is an integrity check. (CHENNAKESHU, pages 7-8, paragraph 0093)

DARNELL et al. (US Pub No. 2017/0134382) discloses a server comprising a portion of a reservation management (RM) system for a plurality of vehicles, the server comprising memory and a processor configured to execute instructions from the memory to: receive an encrypted message from a manufacturing work station in communication with a vehicle computing device, the message including a unique identifier (UID) associated with the vehicle computing device; decrypt the message; generate a unique encryption key from the UID; store the UID and the unique encryption key; generate an encrypted message that includes the unique encryption key for the vehicle computing device; and send the generated message to the manufacturing work station for storage in the vehicle computing device. Some embodiments further comprise: the vehicle computing device configured to communicate with a controller area network (CAN) bus of a vehicle, the vehicle computing device comprising memory and a processor, the memory storing a plurality of vehicle types and settings associated with each vehicle type, the processor configured to execute instructions from the memory to: query the CAN bus for the VIN of the vehicle; generate an encrypted message that includes the VIN and the UID; send the encrypted message to the server; receive an encrypted message from the server with a vehicle type associated with the vehicle; decrypt the received message; set the vehicle type in the nonvolatile memory of the vehicle computing device; and reboot with the settings associated with the set vehicle type. (DARNELL, page 5, paragraph 0036)

Zhang et al. (US Pub No. 2020/0213287) discloses securing electronic control units (ECUs) in a vehicle. A security platform for a vehicle includes a key distribution center (KDC) for the vehicle. The KDC is configured to verify that a digital certificate associated with a first electronic control unit (ECU) on the vehicle is a valid certificate, where the digital certificate indicates a first security level of the first ECU. The KDC is configured to generate, based on the first security level of the first ECU, one or more security keys for secure communication between the first ECU and a set of ECUs on the vehicle, and provision the one or more security keys to the first ECU and the set of ECUs. In some embodiments, the KDC uses the provisioned keys to authenticate each ECU when the vehicle is powered up. (Zhang, Abstract)

KOMANO et al. (US Pub No. 2018/0076959) discloses an information processing device includes a conversion unit, an encryption unit, and a transmission unit. The conversion unit converts a first encryption key to be used for generation of a master key to be shared with a server device by using a second conversion rule to generate a third encryption key to be a new master key. The second conversion rule is different from a first conversion rule used for generation of a second encryption key that is the master key currently used for encrypted communication with the server device. The encryption unit generates a ciphertext so that the server device derives the third encryption key on a basis of the second encryption key and the third encryption key. The transmission unit transmits the ciphertext to the server device. (KOMANO, Abstract)

Kawaguchi et al. (US Pub No. 2020/0380326) discloses the encrypted message includes an encrypted portion and an unencrypted portion, the unencrypted portion including a secret key identifier that identifies the secret key to an authentication device. In some of these embodiments, the authentication device retrieves the secret key based on the secret key identifier and decrypts the encrypted message using the secret key. In some embodiments, the encrypted message further includes a secret pattern identifier that identifies the secret pattern to the authentication device. In some of these embodiments, the secret pattern is included in the unencrypted portion of the encrypted message. In some embodiments, the secret pattern is included in the encrypted portion of the encrypted message. (Kawaguchi, page 5, paragraph 0044)

However, the prior art taken alone or in combination fails to teach or suggest “transmitting from the vehicle to an external server a message, having an encrypted part that is encrypted with the cryptographic key, which message is additionally provided with the master key reference and the key state of the vehicle, wherein the master key reference and the key state of the vehicle are transmitted unencrypted; deriving a cryptographic key in the external server from the master key identified by the master key reference depending on the key state of the vehicle” (as recited in claims 1 & 21 and similarly in claims 12 & 22). Claims are allowed in light of the above claim limitations when in combination with the remaining claim limitations.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
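
The exchange in the quoted limitation, in the signing form of claim 12, as an added example that is not part of the office action or the application: the vehicle sends the master key reference and key state in the clear, and the server re-derives the key from the referenced master key and that key state before checking the message. HMAC-SHA256 stands in for both the key derivation and the signature, and the names (`derive_key`, `Vehicle`, `server_verify`, `provision`), field names and sample keys are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample master keys, indexed by master key reference (server side only).
SERVER_MASTER_KEYS = {"mk-01": bytes(range(32)), "mk-02": bytes(range(32, 64))}


def derive_key(master_key: bytes, key_state: int) -> bytes:
    """Assumed KDF: HMAC-SHA256 over the key state, keyed with the master key."""
    return hmac.new(master_key, b"vehicle-key|%d" % key_state, hashlib.sha256).digest()


def _signed_bytes(ref, state, payload) -> bytes:
    # The cleartext reference and key state are covered by the tag as well.
    return json.dumps({"ref": ref, "state": state, "payload": payload},
                      sort_keys=True).encode()


class Vehicle:
    def __init__(self, master_key_ref: str, key_state: int, derived_key: bytes):
        # "Protected memory area": only the derived key, never the master key.
        self._protected = {"derived_key": derived_key}
        # "Other memory area": the values that travel unencrypted.
        self.other = {"master_key_ref": master_key_ref, "key_state": key_state}

    def build_message(self, payload: str) -> dict:
        ref, state = self.other["master_key_ref"], self.other["key_state"]
        tag = hmac.new(self._protected["derived_key"],
                       _signed_bytes(ref, state, payload), hashlib.sha256).hexdigest()
        return {"master_key_ref": ref, "key_state": state, "payload": payload, "tag": tag}


def provision(master_key_ref: str, key_state: int) -> Vehicle:
    """Back-end step (assumed): derive the key and load it into the vehicle."""
    key = derive_key(SERVER_MASTER_KEYS[master_key_ref], key_state)
    return Vehicle(master_key_ref, key_state, key)


def server_verify(msg: dict) -> bool:
    ref, state = msg.get("master_key_ref"), msg.get("key_state")
    master = SERVER_MASTER_KEYS.get(ref)
    if master is None or not isinstance(state, int):
        return False  # unknown master key reference or malformed key state
    key = derive_key(master, state)  # derived per message from the cleartext header
    expected = hmac.new(key, _signed_bytes(ref, state, msg.get("payload")),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, str(msg.get("tag", "")))
```

Because the server selects and derives the key from attacker-visible fields, a changed reference or key state yields a different key and the check fails; the example does not model any policy on which key states the server still accepts.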

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357. The examiner can normally be reached M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/SHAQUEAL D WADE-WRIGHT/             Primary Examiner, Art Unit 2437