DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1-17 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Gopal et al., (US 20170093567 A1) hereinafter referred to as Gopal.
Regarding Claim 1, Gopal discloses An integrated circuit, comprising: a secure hardware environment including a decryption system; wherein the decryption system comprises: a first input configured to receive a key number; [paragraph 0016, For example, embodiments of the present invention may be used to generate, within a processor, any number of cryptographic keys, each of which may be used on the processor by software having access to a corresponding processor-specific “handle” for the key – the “handle” is the “key number”] [paragraph 0068, In box 554, the handle may be provided to the processor (e.g., by the software referred to in box 552) in connection with an instruction or other request to encrypt or decrypt information] 
a key generation device configured to generate a secret key from the key number and a unique key; [paragraph 0071, In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key] 
a signature generation device configured to generate a signature associated with the key number; [paragraph 0037, Execution unit 230 may include authentication hardware 236 to implement any one or more hashing algorithms (e.g., a Secure Hash Algorithm (SHA), a Galois hash (GHASH) algorithm, etc.), generate a message authentication code (MAC), authentication tag, or other data that may be used to authenticate or verify the integrity of the handle (e.g., that it was properly generated using the processor's PK) – there is data that is generated to authenticate the handle. This is the generated signature] 
a second input configured to receive encrypted binary data; [paragraph 0072, In box 562, the processor may use the decrypted key to encrypt or decrypt the information as requested in box 554] 
a decryption device configured to decrypt said encrypted binary data by using the secret key generated by the key generation device; [paragraph 0072, In box 562, the processor may use the decrypted key to encrypt or decrypt the information as requested in box 554] 
a third input configured to receive an authentication signature, [paragraph 0028, the handle is to include an authentication tag or other meta-data that may be used for the processor to verify that the handle was properly generated using the processor's PK] 
an authentication device configured to authorize the use of the secret key generated by the key generation device to decrypt said encrypted binary data if the signature generated by the signature generation device is identical to the authentication signature. [paragraph 0069-0071, In box 556, the processor may attempt to authenticate the handle using authentication information included in the handle… If authentication passes, then method 500 continues in box 560. In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key - The authentication of the "handle" necessarily involves recalculating the "authentication information [=authentication tag, e.g., MAC]" and comparing it to that included in the "handle"]
Regarding Claim 2, Gopal discloses wherein the secure hardware environment further comprises a key registry configured to record the secret key generated by the key generation device, [paragraph 0024, Storage location 210 may include source register 211 (which may represent a set of registers) to hold a cryptographic key, a value to be used as a cryptographic key, a value from which a cryptographic key may be derived, a portion of such a key, any other data desired to be protected using encryption according to an embodiment of the present invention] 
and wherein the authentication device is configured to authorize recording of the secret key in the key registry only if the signature generated by the signature generation device of the decryption system is identical to the authentication signature [paragraph 0069-0071, In box 556, the processor may attempt to authenticate the handle using authentication information included in the handle… If authentication passes, then method 500 continues in box 560. In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key - The authentication of the "handle" necessarily involves recalculating the "authentication information [=authentication tag, e.g., MAC]" and comparing it to that included in the "handle"]
Regarding Claim 3, Gopal discloses wherein an output of the key registry delivers the recorded secret key to the decryption device to decrypt said encrypted binary data. [paragraph 0072, In box 562, the processor may use the decrypted key to encrypt or decrypt the information as requested in box 554]
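The gate recited in Claims 1-3 (derive the secret key from the key number and the unique key, recompute the signature, and load the key registry and decrypt only on a match), as an added Python sketch that is neither Gopal's nor the applicant's implementation. HMAC-SHA256 and the HMAC keystream are stand-ins chosen so the sketch runs on the standard library (Claims 5-7 name AES); `SecureEnvironment`, its method names and the sample unique key are assumptions.

```python
import hashlib
import hmac


def _prf(key: bytes, label: bytes, value: int) -> bytes:
    """HMAC-SHA256 used as a one-way function (stand-in, see lead-in)."""
    return hmac.new(key, label + value.to_bytes(8, "big"), hashlib.sha256).digest()


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric stand-in cipher: XOR with an HMAC counter keystream.
    Illustration only; it has no nonce and is not a replacement for AES."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = _prf(key, b"stream", offset // 32)
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


class SecureEnvironment:
    """Hypothetical model of the claimed secure hardware environment."""

    def __init__(self, unique_key: bytes):
        self._unique_key = unique_key   # never leaves the environment
        self.key_registry = None        # holds the secret key once authorized

    def _secret_key(self, key_number: int) -> bytes:
        # Key generation device: secret key from key number + unique key.
        return _prf(self._unique_key, b"key", key_number)

    def _signature(self, key_number: int) -> bytes:
        # Signature generation device: non-reversible tag bound to the
        # key number, domain-separated from the key derivation above.
        return _prf(self._unique_key, b"sig", key_number)

    def encrypt(self, key_number: int, data: bytes):
        """Encryption system: returns (ciphertext, signature)."""
        return _keystream_xor(self._secret_key(key_number), data), \
            self._signature(key_number)

    def decrypt(self, key_number: int, ciphertext: bytes, auth_signature: bytes) -> bytes:
        """Decryption system: the key is recorded and used only on a match."""
        self.key_registry = None  # clear any previously authorized key
        expected = self._signature(key_number)
        # Constant-time comparison so the check does not leak how many
        # leading bytes of a guessed signature were correct.
        if not hmac.compare_digest(expected, auth_signature):
            raise PermissionError("signature mismatch: secret key not loaded")
        self.key_registry = self._secret_key(key_number)
        return _keystream_xor(self.key_registry, ciphertext)


if __name__ == "__main__":
    env = SecureEnvironment(bytes(range(32)))  # constructed sample unique key
    ct, sig = env.encrypt(7, b"constructed sample payload")
    print(env.decrypt(7, ct, sig))
    try:
        env.decrypt(8, ct, sig)  # signature was issued for key number 7
    except PermissionError as exc:
        print("rejected:", exc)
```

In this sketch the signature covers only the key number, so it gates use of the key but does not detect modification of the ciphertext itself.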
Regarding Claim 4, Gopal discloses wherein the unique key is a unique hardware key recorded in the secure hardware environment. [paragraph 0036, PK 250 (as described below) may be within, hardwired, or otherwise connected to cryptography hardware 234 and/or execution unit 230 such that PK 250 may be used as a cryptographic key in any one or more encryption algorithms performed by cryptographic hardware 234 and/or execution unit 230]
Regarding Claims 5 and 15, Gopal discloses wherein the decryption device is configured to carry out an AES decryption algorithm. [paragraph 0035, Execution unit 230 may include cryptography hardware 234 to implement any one or more cryptographic algorithms, such as an Advanced Encryption Standard (AES) algorithm in electronic-code-book (ECB), Galois-counter-mode (GCM), and/or cipher-block-chaining (CBC) mode. Alternatively, encryption may be performed by other hardware (e.g., shared, general-purpose hardware) in execution unit 230]
Regarding Claims 6 and 16, Gopal discloses wherein the key generation device is configured to carry out an AES algorithm according to a counter mode with CBC-MAC in order to generate the secret key from the key number and the unique key. [paragraph 0035, Execution unit 230 may include cryptography hardware 234 to implement any one or more cryptographic algorithms, such as an Advanced Encryption Standard (AES) algorithm in electronic-code-book (ECB), Galois-counter-mode (GCM), and/or cipher-block-chaining (CBC) mode. Alternatively, encryption may be performed by other hardware (e.g., shared, general-purpose hardware) in execution unit 230]
Regarding Claims 7 and 17, Gopal discloses wherein the key generation device is configured to implement an AES algorithm according to a mode GCM in order to generate the secret key from the key number and the unique key. [paragraph 0035, Execution unit 230 may include cryptography hardware 234 to implement any one or more cryptographic algorithms, such as an Advanced Encryption Standard (AES) algorithm in electronic-code-book (ECB), Galois-counter-mode (GCM), and/or cipher-block-chaining (CBC) mode. Alternatively, encryption may be performed by other hardware (e.g., shared, general-purpose hardware) in execution unit 230]
Regarding Claim 8, Gopal discloses wherein the secure hardware environment further includes an encryption system, said encryption system comprising: a fourth input configured to receive binary data; [Abstract, The instruction hardware is to receive a first instruction in an instruction set of the processor. The first instruction is to encrypt input data with the processor key and return a handle – the “input data” is the “binary data”] 
a symmetric encryption device configured to encrypt said binary data by using the secret key generated by the key generation device; [paragraph 0045, PK 250 is derived from a random number generator, a new value of PK 250 may be generated each time processor 200 is reset] [Abstract, The instruction hardware is to receive a first instruction in an instruction set of the processor. The first instruction is to encrypt input data with the processor key and return a handle] 
a first output configured to deliver the binary data encrypted by the symmetric encryption device; [paragraph 0050, Execution of this embodiment of a MOV_ENCRYPT instruction causes execution unit 230 to incrementally perform a block-by-block encryption operation (“block-cipher-encrypt”) with PK 250 as the encryption key and the content of the input buffer as the plain-text, where the cipher-text (the handle) is written to the output buffer] 
and a second output configured to deliver the signature generated by the signature generation device. [paragraph 0037, Execution unit 230 may include authentication hardware 236 to implement any one or more hashing algorithms (e.g., a Secure Hash Algorithm (SHA), a Galois hash (GHASH) algorithm, etc.), generate a message authentication code (MAC), authentication tag, or other data that may be used to authenticate or verify the integrity of the handle (e.g., that it was properly generated using the processor's PK) – there is data that is generated to authenticate the handle. This is the generated signature]
Regarding Claim 9, Gopal discloses wherein said encryption system further comprises: a first input configured to receive a key number, [paragraph 0016, For example, embodiments of the present invention may be used to generate, within a processor, any number of cryptographic keys, each of which may be used on the processor by software having access to a corresponding processor-specific “handle” for the key – the “handle” is the “key number”] [paragraph 0068, In box 554, the handle may be provided to the processor (e.g., by the software referred to in box 552) in connection with an instruction or other request to encrypt or decrypt information] 
a further key generation device configured to generate the secret key from the key number and the unique key; [paragraph 0071, In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key] 
and a further signature generation device configured to non-reversibly generate the signature associated with the key number. [paragraph 0037, Execution unit 230 may include authentication hardware 236 to implement any one or more hashing algorithms (e.g., a Secure Hash Algorithm (SHA), a Galois hash (GHASH) algorithm, etc.), generate a message authentication code (MAC), authentication tag, or other data that may be used to authenticate or verify the integrity of the handle (e.g., that it was properly generated using the processor's PK) – there is data that is generated to authenticate the handle. This is the generated signature]
Regarding Claim 10, Gopal discloses wherein the further signature generation device of the encryption system is identical to the signature generation device of the decryption system. [paragraph 0037, Execution unit 230 may include authentication hardware 236 to implement any one or more hashing algorithms (e.g., a Secure Hash Algorithm (SHA), a Galois hash (GHASH) algorithm, etc.), generate a message authentication code (MAC), authentication tag, or other data that may be used to authenticate or verify the integrity of the handle (e.g., that it was properly generated using the processor's PK) – there is data that is generated to authenticate the handle. This is the generated signature]
Regarding Claim 11, Gopal discloses wherein the further signature generation device of the encryption system is same as the signature generation device of the decryption system. [paragraph 0037, Execution unit 230 may include authentication hardware 236 to implement any one or more hashing algorithms (e.g., a Secure Hash Algorithm (SHA), a Galois hash (GHASH) algorithm, etc.), generate a message authentication code (MAC), authentication tag, or other data that may be used to authenticate or verify the integrity of the handle (e.g., that it was properly generated using the processor's PK) – there is data that is generated to authenticate the handle. This is the generated signature]
Regarding Claim 12, Gopal discloses wherein the further key generation device of the encryption system is identical to the key generation device of the decryption system. [paragraph 0071, In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key]
Regarding Claim 13, Gopal discloses wherein the further key generation device of the encryption system is same as the key generation device of the decryption system. [paragraph 0071, In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key]
Regarding Claim 14, Gopal discloses wherein the secure hardware environment further comprises: a first key registry configured to record the secret key generated by the key generation device; and a second key registry configured to record the secret key generated by the further key generation device. [paragraph 0024, Storage location 210 may include source register 211 (which may represent a set of registers) to hold a cryptographic key, a value to be used as a cryptographic key, a value from which a cryptographic key may be derived, a portion of such a key, any other data desired to be protected using encryption according to an embodiment of the present invention]

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Gopal in view of Ryan et al., (US 20080170694 A1) hereinafter referred to as Ryan.
Regarding Claim 18, Gopal discloses A method for decrypting encrypted binary data in a secure hardware environment, comprising: receiving a key number; [paragraph 0016, For example, embodiments of the present invention may be used to generate, within a processor, any number of cryptographic keys, each of which may be used on the processor by software having access to a corresponding processor-specific “handle” for the key – the “handle” is the “key number”] [paragraph 0068, In box 554, the handle may be provided to the processor (e.g., by the software referred to in box 552) in connection with an instruction or other request to encrypt or decrypt information]
generating a secret key from the key number and a unique key; [paragraph 0071, In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key] 
generating a signature associated with the key number; [paragraph 0037, Execution unit 230 may include authentication hardware 236 to implement any one or more hashing algorithms (e.g., a Secure Hash Algorithm (SHA), a Galois hash (GHASH) algorithm, etc.), generate a message authentication code (MAC), authentication tag, or other data that may be used to authenticate or verify the integrity of the handle (e.g., that it was properly generated using the processor's PK) – there is data that is generated to authenticate the handle. This is the generated signature] 
receiving said encrypted binary data; [paragraph 0072, In box 562, the processor may use the decrypted key to encrypt or decrypt the information as requested in box 554] 
receiving an authentication signature; [paragraph 0028, the handle is to include an authentication tag or other meta-data that may be used for the processor to verify that the handle was properly generated using the processor's PK]
decrypting said encrypted binary data by using said secret key if the signature generated is identical to the authentication signature; [paragraph 0069-0071, In box 556, the processor may attempt to authenticate the handle using authentication information included in the handle… If authentication passes, then method 500 continues in box 560. In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key - The authentication of the "handle" necessarily involves recalculating the "authentication information [=authentication tag, e.g., MAC]" and comparing it to that included in the "handle"]
Gopal does not explicitly teach delivering decrypted binary data outside the secure hardware environment.
Ryan teaches delivering decrypted binary data outside the secure hardware environment. [paragraph 0004, Only when the appropriate fee or subscription is paid are the correct decryption keys provided to a user's set-top-box thereby allowing the broadcast signals to be decrypted or descrambled. The security of this system therefore relies on the confidentiality of the decryption keys and other decryption or descrambling data] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Ryan with the disclosure of Gopal. The motivation or suggestion would have been “to prevent unauthorized access to data used within the device.” (paragraph 0002)
Regarding Claim 19, Gopal discloses A method for encrypting binary data in a secure hardware environment, comprising: receiving a key number; [paragraph 0016, For example, embodiments of the present invention may be used to generate, within a processor, any number of cryptographic keys, each of which may be used on the processor by software having access to a corresponding processor-specific “handle” for the key – the “handle” is the “key number”] [paragraph 0068, In box 554, the handle may be provided to the processor (e.g., by the software referred to in box 552) in connection with an instruction or other request to encrypt or decrypt information] 
generating a secret key from the key number and a unique key; [paragraph 0071, In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key] 
non-reversibly generating a signature associated with the key number; [paragraph 0037, Execution unit 230 may include authentication hardware 236 to implement any one or more hashing algorithms (e.g., a Secure Hash Algorithm (SHA), a Galois hash (GHASH) algorithm, etc.), generate a message authentication code (MAC), authentication tag, or other data that may be used to authenticate or verify the integrity of the handle (e.g., that it was properly generated using the processor's PK) – there is data that is generated to authenticate the handle. This is the generated signature] 
receiving said binary data; [paragraph 0072, In box 562, the processor may use the decrypted key to encrypt or decrypt the information as requested in box 554] 
encrypting said binary data by using the secret key; [Abstract, The first instruction is to encrypt input data with the processor key and return a handle]
said signature being adapted for being used as an authentication signature in a decryption method. [paragraph 0069-0071, In box 556, the processor may attempt to authenticate the handle using authentication information included in the handle… If authentication passes, then method 500 continues in box 560. In box 560, the processor may decrypt the handle using its processor key (e.g., PK 250) to generate a decrypted key - The authentication of the "handle" necessarily involves recalculating the "authentication information [=authentication tag, e.g., MAC]" and comparing it to that included in the "handle"]
Gopal does not explicitly teach delivering outside the secure hardware environment encrypted binary data; and delivering the signature associated with the key number outside the secure hardware environment.
Ryan teaches delivering outside the secure hardware environment encrypted binary data; and delivering the signature associated with the key number outside the secure hardware environment, [paragraph 0004, Only when the appropriate fee or subscription is paid are the correct decryption keys provided to a user's set-top-box thereby allowing the broadcast signals to be decrypted or descrambled. The security of this system therefore relies on the confidentiality of the decryption keys and other decryption or descrambling data] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Ryan with the disclosure of Gopal. The motivation or suggestion would have been “to prevent unauthorized access to data used within the device.” (paragraph 0002)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW J STEINLE whose telephone number is (571)272-9923. The examiner can normally be reached M-F 10am-6pm CT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ANDREW J STEINLE/Primary Examiner, Art Unit 2497