DETAILED ACTION
Continued Examination under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on05/27/2022, for application 16/203,191 has been entered.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 03/15/2022. In the instant amendment: Claims 1, 8 and 21 have been amended and claims 1, 8 and 21 are independent claims. Claims 7, 14 and 27 have been cancelled. Claims 1-6, 8-13, 21-26 have been examined and are pending. 
Examiner’s Notes: 
In attempt to promote compact prosecution, the Examiner called applicant’s representative, Jianning Yu (Reg. No.: 74,296 ) on June 7, 2022, to discuss possible Examiner’s amendment and to advance prosecution. However, the applicant and the Examiner were unable to reach an agreement.

Response to Arguments
Applicant’s argument with respect to amended claim 1, 8, and 21 have been considered but are moot in view of new ground(s) of rejection. Applicant’s argument necessitated the new ground(s) of rejection in this office action. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically discloses as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
Claims 1-6, 8-13 and 21-26 are rejected under 35 U.S.C. 103 as being unpatentable over O’Hare et al. (“O’Hare,” US 20130013931, published Jan 10, 2013) in view of Nolan et al. (“Nolan,” US 20190035018, filed Dec. 29, 2017) and Machani et al. (“Machani,” US 9455968, issued Sept. 27, 2016).  
Regarding claim 1, O’Hare discloses a method for securely sharing and authenticating a last secret, the method comprising: 
generating, by a dealer computing system, a first key and a last secret, the first key providing access to a secure computing system, the last secret being the last cryptographic element controlling access to the first key (O’Hare [0525]. In such implementations, secure sharing system 4200 may create a one-time symmetric key which is used to wrap the session key (as the workgroup key described above typically would). The wrapped session key is then further encrypted with the public keys Pub-U14212a associated with User 1 and Pub-U242.12b associated with User 2 to form first and second encrypted keys, as described above. Multiple splitting and multiple encryption operations may also be performed, in any order. For example, a data set may be split into shares, then the shares encrypted, or a data set may be encrypted then split into shares. Multiple splitting and multiple encryption operations may also be performed, in any order. Additionally, any additional keys used to encrypt the file session key (e.g., a KEK) may themselves be split and encrypted any number of times in any suitable order. [Note that the “last secret” can itself be a key. See Specification [0036], [0094]]); 
splitting, by the dealer computing system, the last secret into a first split and a second split (O’Hare [0525]. In such implementations, secure sharing system 4200 may create a one-time symmetric key which is used to wrap the session key (as the workgroup key described above typically would). The wrapped session key is then further encrypted with the public keys Pub-U14212a associated with User 1 and Pub-U242.12b associated with User 2 to form first and second encrypted keys, as described above. Multiple splitting and multiple encryption operations may also be performed, in any order. For example, a data set may be split into shares, then the shares encrypted, or a data set may be encrypted then split into shares. Multiple splitting and multiple encryption operations may also be performed, in any order. Additionally, any additional keys used to encrypt the file session key (e.g., a KEK) may themselves be split and encrypted any number of times in any suitable order. [Note that the “last secret” can itself be a key. See Specification [0036], [0094]]); 
signing the first split and the second split using a dealer signing key of the dealer computing system so as to attach a dealer signature to each of the first split and the second split (O’Hare  [0389], [0485], [0487], [0528]. Examples of integrity information may include … digital signature information, message authentication code (MAC) information, any other suitable information, or any combination thereof. At step 4006, a secret sharing algorithm (e.g., Shamir) may be used to split the split encryption key, K, into key shares. Each key share may then be embedded into one of the output shares (e.g., in the share headers). Finally, a share integrity block and (optionally) a post-authentication tag (e.g., MAC) may be appended to the header block of each share. Each data share may include metadata, which may be necessary to permit correct reconstruction of the data blocks or data packets. The metadata may include such information as cryptographic key shares, key identities, share nonces, signatures/MAC values, and integrity blocks.[Note that in [0528], “the cryptographic sharing client of User 2 device 4202b then validates the encrypted file session key using the public key Pub-U1 4212a associated with User 1 (if the encrypted file session key was signed by the cryptographic sharing client of User 1 device 4202a).” A digital signature can be generated by a private key, and validated by a public key.]); 
encrypting, by the dealer computing system, the first split using a first key of a first share-holder and encrypting, by the dealer computing system, the second split using a first key of a second share- holder (O’Hare FIG. 23,  [0314] – [0317]. In this embodiment of the method, the session master key will be stored along with the secured data shares in a data depository. Separating the session master key according to the pattern of the Parser Master Key and append the key data to the optionally encrypted parsed data shares. Optionally generate an encryption key for each of the four data shares. Optionally encrypting each share with an existing or new encryption algorithm, then store the encryption keys in different locations from the encrypted data portions or shares.), 
the first share-holder structured to store the dealer signed and encrypted first split and the second share-holder structured to store the dealer signed and encrypted second split (O’Hare [0317], [0487], [0490]. Optionally encrypting each share with an existing or new encryption algorithm, then store the encryption keys in different locations from the encrypted data portions or shares. Each data share may include metadata, which may be necessary to permit correct reconstruction of the data blocks or data packets. This information may be included in the share header. The metadata may include such information as cryptographic key shares, key identities, share nonces, signatures/MAC values, and integrity blocks. To verify the integrity of the outputs blocks at recovery time, the secure data parser may compare the share integrity blocks of each share and then invert the split algorithm. The hash of the recovered data may then be verified against the share hash.); 
decrypting, by the first share-holder, the first split using the first key of the first share-holder [and encrypting, by the first share-holder, the first split using a second key of the first share-holder that has been established by a combining computing system, the second key of the first share-holder corresponding to a first asymmetric key being restricted to use by the first shareholder] (O’Hare FIG. 23, [0315] – [0318]. The resulting multiple shares of data will contain optionally encrypted portions of the original data and portions of the session master key. Optionally generate an encryption key for each of the four data shares. Optionally encrypting each share with an existing or new encryption algorithm, then store the encryption keys in different locations from the encrypted data portions or shares: for example, Share 1 gets Key 4, Share 2 gets Key 1, Share 3 gets Key 2, Share 4 gets Key 3. To restore the original data format, the steps are reversed [i.e., decrypting the encrypted shares, and reassemble the shares back to the original data].); 
decrypting, by the second share-holder, the second split using the first key of the second share- holder [and encrypting, by the second share-holder, the second split using a second key of the second share-holder that has been established by the combining computing system, the second key of the second share-holder corresponding to a second asymmetric key being restricted to use by the second shareholder] (O’Hare FIG. 23, [0315] – [0318]. The resulting multiple shares of data will contain optionally encrypted portions of the original data and portions of the session master key. Optionally generate an encryption key for each of the four data shares. Optionally encrypting each share with an existing or new encryption algorithm, then store the encryption keys in different locations from the encrypted data portions or shares: for example, Share 1 gets Key 4, Share 2 gets Key 1, Share 3 gets Key 2, Share 4 gets Key 3. To restore the original data format, the steps are reversed [i.e., decrypting the encrypted shares, and reassemble the shares back to the original data].)
wherein the encrypting maintains confidentiality of the last secret, and the dealer signature can be verified to determine integrity and authenticity of the last secret (O’Hare [0487], [0490], [0525]. Each data share may include metadata, which may be necessary to permit correct reconstruction of the data blocks or data packets. This information may be included in the share header. The metadata may include such information as cryptographic key shares, key identities, share nonces, signatures/MAC values, and integrity blocks. To verify the integrity of the outputs blocks at recovery time, the secure data parser may compare the share integrity blocks of each share and then invert the split algorithm. The hash of the recovered data may then be verified against the share hash. For example, a data set may be split into shares, then the shares encrypted, or a data set may be encrypted then split into shares. Multiple splitting and multiple encryption operations may also be performed, in any order. Additionally, any additional keys used to encrypt the file session key (e.g., a KEK) may themselves be split and encrypted any number of times in any suitable order.).
O’Hare does not explicitly disclose: encrypting, by the first share-holder, the first split using a second key of the first share-holder that has been established by a combining computing system, the second key of the first share-holder corresponding to a first asymmetric key being restricted to use by the first shareholder; and encrypting, by the second share-holder, the second split using a second key of the second share-holder that has been established by the combining computing system, the second key of the second share-holder corresponding to a second asymmetric key being restricted to use by the second shareholder.  
However, in an analogous art, Nolan discloses a method comprising the steps of 
and encrypting, by the first share-holder, the first split using a second key of the first share-holder that has been established by a combining computing system, the second key of the first share-holder corresponding to a first asymmetric key being restricted to use by the first shareholder (Nolan FIG. 30, [0224], [0257] – [0258]. In Shamir SS a secret is divided into parts, with each participant receiving its own unique part. In some examples, a threshold scheme is used where a predetermined number of the parts are sufficient to reconstruct the original secret. Signing a transaction requires M of N secrets and M of N copies of the EPID half key. If a condition of reconstitution is observed at block 3008 , at block 3010 , the shareholder observing the condition creates a transaction ( Tx2 ) including the policy for the event and evidence for the event , and signs the transaction [with Ksx], where KSx is the private key for the share observing the event (Sx). At block 3014 , a determination is made as to whether a threshold number of shareholders submitted a reconstitution transaction , such as M of N shareholders . If so , at block 3016 , the e - wallet key ( Kwl ) is reconstituted by the ( N ) shareholders of the e - wallet (W1).);
and encrypting, by the second share-holder, the second split using a second key of the second share-holder that has been established by the combining computing system, the second key of the second share-holder corresponding to a second asymmetric key being restricted to use by the second shareholder (Nolan FIG. 30, [0224], [0257] – [0258]. In Shamir SS a secret is divided into parts , with each participant receiving its own unique part . In some examples , a threshold scheme is used where a predetermined number of the parts are sufficient to reconstruct the original secret. Signing a transaction requires M of N secrets and M of N copies of the EPID half key. If a condition of reconstitution is observed at block 3008 , at block 3010 , the shareholder observing the condition creates a transaction ( Tx2 ) including the policy for the event and evidence for the event , and signs the transaction [with Ksx], where KSx is the private key for the share observing the event (Sx). At block 3014 , a determination is made as to whether a threshold number of shareholders submitted a reconstitution transaction , such as M of N shareholders . If so , at block 3016 , the e - wallet key ( Kwl ) is reconstituted by the ( N ) shareholders of the e - wallet (W1).). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Nolan with the teachings of O’Hare to include the steps of: encrypting, by the first share-holder, the first split using a second key of the first share-holder that has been established by a combining computing system, the second key of the first share-holder corresponding to a first asymmetric key being restricted to use by the first shareholder. One would have been motivated to provide users with a means for enabling a user to reconstruct shared secrets only after a sufficient number of shareholders approves and signs a particular transaction.  (See Nolan [0257].)
O’Hare and Nolan do not explicitly disclose: wherein the last secret is not written to any non-volatile media. 
However, in an analogous art, Machani discloses a method, comprising: wherein the last secret is not written to any non-volatile media (Machani col. 5 20-39. Upon the user 36 entering the user-specific data 38, it may be ephemerally stored within memory 80 (to be deleted when no longer needed). Transformation 82 (in some embodiments it may be a null transformation; in other embodiments it may be any deterministic transformation, Such as a key derivation function) fixes the user-specific data 38 into a fixed user share 40, which is also ephemerally stored within memory 80 (to be deleted when no longer needed). A mathematical process 84 is applied to the user share and the local share 42 to recover the first cryptographic key 46, which is also ephemerally stored within memory 80 (to be deleted when no longer needed). A decryption process 86 is applied to the encrypted local secrets 44 using the first cryptographic key 46 to recover the decrypted local secrets 88, which are also ephemerally stored within memory 80 (to be deleted when no longer needed). These ephemerally stored decrypted local secrets 88, which may include, for example, account information or encryption keys, may then be used to provide the user 36 with access to a protected resource. [For key splitting, see col. 6: 19-35]). 
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Machani with the teachings of O’Hare and Nolan to include the step of: wherein the last secret is not written to any non-volatile media. One would have been motivated to provide users with a means for protecting sensitive information through splitting the sensitive data and only temporarily storing such data as needed. (See Machani col.5: 20-39. )
Regarding claim 2, O’Hare, Nolan and Machani disclose the method of claim 1. O’Hare further discloses: receiving, by the combining computing system, the dealer signed and encrypted first split from the first share-holder and the dealer signed and encrypted second split from the second share-holder (O’Hare [0528]-[0529]. Once one or more shares has been retrieved from storage depositories 4208a, 4208b and 4208c, the crypto graphic sharing client of User 2 device 4202b then validates the encrypted file session key using the public key Pub-U1 4212a associated with User 1 (if the encrypted file session key was signed by the cryptographic sharing client of User 1 device 4202a), then decrypts the second encrypted key to restore the file session key using the private key Pri-U24214b associated with User 2. If a sufficient number of shares have been received for restoration, the cryptographic sharing client of User 2 device 4202b then restores the shared file ANY FILE1 4204b at User 2 device 4202b. [T]he data may also be retrieved by User 1 device 4202a by decrypting the first encrypted key (e.g., the file session key encrypted with the public key Pub-U14212a) to restore the file session key, then decrypting the encrypted data set using the file session key. [Note that in [0487], each share may contain information such as digital signatures that enables the user to validate the share and to reassemble the share into original message]); 
decrypting, by the combining computing system, the dealer signed and encrypted first split with the second key of the first share-holder and the dealer signed and encrypted second split with the second key of the second share-holder to determine the first split and the second split (O’Hare [0528]-[0529]. Once one or more shares has been retrieved from storage depositories 4208a, 4208b and 4208c, the crypto graphic sharing client of User 2 device 4202b then validates the encrypted file session key using the public key Pub-U1 4212a associated with User 1 (if the encrypted file session key was signed by the cryptographic sharing client of User 1 device 4202a), then decrypts the second encrypted key to restore the file session key using the private key Pri-U24214b associated with User 2. If a sufficient number of shares have been received for restoration, the cryptographic sharing client of User 2 device 4202b then restores the shared file ANY FILE1 4204b at User 2 device 4202b. [T]he data may also be retrieved by User 1 device 4202a by decrypting the first encrypted key (e.g., the file session key encrypted with the public key Pub-U14212a) to restore the file session key, then decrypting the encrypted data set using the file session key. [Note that in [0487], each share may contain information such as digital signatures that enables the user to validate the share and to reassemble the share into original message]); -2- 4822-2135-8288.1Atty. Dkt. No. 052873-0959
 authenticating, by the combining computing system, the first split and the second split by verifying the dealer signature of the first split and the dealer signature of the second split using the dealer signing key of the dealer computing system (O’Hare [0528]-[0529]. Once one or more shares has been retrieved from storage depositories 4208a, 4208b and 4208c, the crypto graphic sharing client of User 2 device 4202b then validates the encrypted file session key using the public key Pub-U1 4212a associated with User 1 (if the encrypted file session key was signed by the cryptographic sharing client of User 1 device 4202a), then decrypts the second encrypted key to restore the file session key using the private key Pri-U24214b associated with User 2. If a sufficient number of shares have been received for restoration, the cryptographic sharing client of User 2 device 4202b then restores the shared file ANY FILE1 4204b at User 2 device 4202b. [T]he data may also be retrieved by User 1 device 4202a by decrypting the first encrypted key (e.g., the file session key encrypted with the public key Pub-U14212a) to restore the file session key, then decrypting the encrypted data set using the file session key. [Note that in [0487], each share may contain information such as digital signatures that enables the user to validate the share and to reassemble the share into original message]).
Nolan further discloses combining, by the combining computing system, the first split and the second split to determine the last secret (Nolan FIG. 30, [0224], [0257] – [0258]. In Shamir SS a secret is divided into parts , with each participant receiving its own unique part . In some examples , a threshold scheme is used where a predetermined number of the parts are sufficient to reconstruct the original secret. Signing a transaction requires M of N secrets and M of N copies of the EPID half key. If a condition of reconstitution is observed at block 3008 , at block 3010 , the shareholder observing the condition creates a transaction ( Tx2 ) including the policy for the event and evidence for the event , and signs the transaction [with Ksx], where KSx is the private key for the share observing the event (Sx). At block 3014 , a determination is made as to whether a threshold number of shareholders submitted a reconstitution transaction , such as M of N shareholders . If so , at block 3016 , the e - wallet key ( Kwl ) is reconstituted by the ( N ) shareholders of the e - wallet (W1).). 	The motivation is the same as that of claim 1 above. 
Regarding claim 3, O’Hare, Nolan and Machani disclose the method of claim 1. O’Hare further discloses wherein wherein the last secret is a password, a second key, or a tokenized value (O’Hare [0525]. In such implementations, secure sharing system 4200 may create a one-time symmetric key which is used to wrap the session key (as the workgroup key described above typically would). The wrapped session key is then further encrypted with the public keys Pub-U14212a associated with User 1 and Pub-U242.12b associated with User 2 to form first and second encrypted keys, as described above. Multiple splitting and multiple encryption operations may also be performed, in any order. For example, a data set may be split into shares, then the shares encrypted, or a data set may be encrypted then split into shares. Multiple splitting and multiple encryption operations may also be performed, in any order. Additionally, any additional keys used to encrypt the file session key (e.g., a KEK) may themselves be split and encrypted any number of times in any suitable order.). 
Regarding claim 4, O’Hare, Nolan and Machani disclose the method of claim 1. O’Hare further discloses wherein the last secret is split into the first split and the second split using a N of N component scheme (O’Hare [0341], [0342]. In the incorporated session key example described herein, the session master key is split into “n” shares according to the contents of the installation dependant Parser Master Key (SK1, SK2, SK3, SKn). Unless all four shares are retrieved, the data cannot be reassembled according to this example.). 
Regarding claim 5, O’Hare, Nolan and Machani disclose the method of claim 1. O’Hare further discloses wherein the last secret is split into the first split and the second split using a N of M share scheme (O’Hare [0281]. As a non-limiting example, the cryptosplit may be done as a “3 of 4” cryptosplit Such that only three of the four shares are necessary to reassemble or restore the data to its original or useable form. This is also referred to as a “M of N cryptosplit' wherein N is the total number of shares, and M is at least one less than N. It is readily apparent to those of ordinary skill in the art that there are many possibilities for creating this redundancy in the cryptosplitting process of the present invention.). 
Regarding claim 6, O’Hare, Nolan, and Machani disclose the method of claim 1. O’Hare further discloses: dealer signed and encrypted first split and dealer signed and encrypted second split (O’Hare [0317], [0487], [0490]. Optionally encrypting each share with an existing or new encryption algorithm, then store the encryption keys in different locations from the encrypted data portions or shares. Each data share may include metadata, which may be necessary to permit correct reconstruction of the data blocks or data packets. This information may be included in the share header. The metadata may include such information as cryptographic key shares, key identities, share nonces, signatures/MAC values, and integrity blocks. To verify the integrity of the outputs blocks at recovery time, the secure data parser may compare the share integrity blocks of each share and then invert the split algorithm. The hash of the recovered data may then be verified against the share hash.). 
Nolan further discloses wherein the dealer signed and encrypted first split and the dealer signed and second split are stored in a blockchain (Nolan [0244], [0376] – [0377]. In Shamir SS a secret is divided into parts , with each participant receiving its own unique part . In some examples , a threshold scheme is used where a predetermined number of the parts are sufficient to reconstruct the original secret. Signing a transaction requires M of N secrets and M of N copies of the EPID half key.The method includes provisioning a plurality of devices each hosting an e-wallet share with enhanced privacy identification (EPID) private keys for the e-wallet share. The method also includes posting a signature for each e-wallet share to a blockchain. In this example, the method includes creating a transaction by an e-wallet share, signing the transaction with an EPID private key, and posting the transaction to a blockchain.). 
The motivation is the same as that of claim 1 above. 
Regarding claim 8, claim 8 is directed to a system corresponding to the method of claim 1. Claim 8 is similar in scope to claim 1 and is therefore rejected under similar rationale. 
Regarding claim 9, claim 9 is directed to a system corresponding to the method of claim 2. Claim 9 is similar in scope to claim 2 and is therefore rejected under similar rationale. 
Regarding claim 10, claim 10 is directed to a system corresponding to the method of claim 3. Claim 10 is similar in scope to claim 3 and is therefore rejected under similar rationale. 
Regarding claim 11, claim 11 is directed to a system corresponding to the method of claim 4. Claim 11 is similar in scope to claim 4 and is therefore rejected under similar rationale. 
Regarding claim 12, claim 12 is directed to a system corresponding to the method of claim 5. Claim 12 is similar in scope to claim 5 and is therefore rejected under similar rationale. 
Regarding claim 13, claim 13 is directed to a system corresponding to the method of claim 6. Claim 13 is similar in scope to claim 6 and is therefore rejected under similar rationale. 
Regarding claim 21, claim 21 is directed to a non-transitory computer-readable medium corresponding to the method of claim 1. Claim 21 is similar in scope to claim 1 and is therefore rejected under similar rationale. 
Regarding claim 22, claim 22 is directed to a non-transitory computer-readable medium corresponding to the method of claim 2. Claim 22 is similar in scope to claim 2 and is therefore rejected under similar rationale. 
Regarding claim 23, claim 23 is directed to a non-transitory computer-readable medium corresponding to the method of claim 3. Claim 23 is similar in scope to claim 3 and is therefore rejected under similar rationale.
Regarding claim 24, claim 24 is directed to a non-transitory computer-readable medium corresponding to the method of claim 4. Claim 24 is similar in scope to claim 4 and is therefore rejected under similar rationale. 
Regarding claim 25, claim 25 is directed to a non-transitory computer-readable medium corresponding to the method of claim 5. Claim 25 is similar in scope to claim 5 and is therefore rejected under similar rationale. 
Regarding claim 26, claim 26 is directed to a non-transitory computer-readable medium corresponding to the method of claim 6. Claim 26 is similar in scope to claim 6 and is therefore rejected under similar rationale. 



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD LONG whose telephone number is (571)272-8961. The examiner can normally be reached on Monday to Friday, 9 AM - 6 PM EST (Alternate Fridays).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on 571 270 5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/EDWARD  LONG/
Examiner, Art Unit 2439



/KARI L SCHMIDT/Primary Examiner, Art Unit 2439