Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Based on the amendment to claims 32, 34, 35, 36 and 37, the rejection under 35 U.S.C. 112(b) has been withdrawn. 

Response to Arguments
Applicant's arguments filed on May 13, 2022 have been fully considered but they are not persuasive to overcome the prior arts in record and place the claims in a better condition for allowance for at least the following reasons. In the response, the applicant states that “even assuming arguendo that AESENC and AESENCLAST instructions exhibit a detectable interaction, Gueron has no teachings that any of the "transformation isolation function(s) 120" would break such an interaction”. In the response, the applicant admits that AESENC and AESENCLAST instructions exhibit a detectable interaction as disclosed by Gueron. However, the applicant argues that any of the "transformation isolation function(s) 120" which appears to include the set of AES instruction (AESINC, AESDEC, AESENCLAST, AESDECLAST) would break such an interaction. 
The examiner respectfully disagrees with the applicant’s argument. Gueron in ¶0044 discloses transformation isolation function(s) 120 that may be stored in memory 108 or in the storage device 112 use the AES function 103 to isolate (break) one of the transformations in the AES encrypt or decrypt instructions. Gueron continues to disclose in ¶0056-¶0060] that the set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate (beak) the sub-steps (transformations) of the AES algorithm defined by FIPS 197. The sub-steps are Shift Rows, Substitute Bytes, Mix Columns, Inverse Shift Rows, Inverse Substitute Bytes, and Inverse Mix Columns. The six sub-steps (transformations) operate on a 128 bit State and produce a 128 bit result. The "Inverse" transformations are the corresponding inverses of the transformations, for example, if Tmp=Substitute Bytes (State), then Inverse Substitute Bytes (Tmp)=State. The Add Round Key transformation operates on two 128 bits inputs (State and Round Key), and outputs their bitwise XOR. FIG. 3 is a flow chart of an embodiment of a Mix Column isolation transformation function 300 that uses at least one AES round instruction for isolating the Mix Columns transformation in the AES algorithm. The micro operation for the Mix Columns transformation is only used in the AESENC instruction and the AESDEC instruction includes the inverse transformations to the transformations in the AESENC instruction. At block 302, the Mix Columns transformation isolation (break) function calls the AESDECLAST instruction with the current state and the round key set to 0.  The AESDECLAST performs the micro-operations in Table 6. 
Gueron further discloses in ¶0064 the output of the AESENC instruction is Mix Columns (State) which is isolated using the combination of the AESDECLAST instruction and the AESENC instruction; in ¶0065 Y=Inverse Mix Columns (Inverse Substitute Bytes (Inverse Shift Rows (Substitute Bytes (Shift Rows (State)))); in ¶0075: FIG. 5 illustrates use of a Packed Shuffle bytes in ¶0083 the output of the AESENCLAST instruction is Substitute Bytes (State) which is isolated (broken) using the combination of the AESENCLAST instruction and the PSHUFB instruction; in ¶0084 Y=Substitute Bytes (Shift Rows (X))=Substitute Bytes (Shift Rows (Inverse Shift Rows (State)))=Substitute Bytes (State)).
The examiner would like to note that, under BRI, the teaching of Gueron that “the set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) used to isolate (beak) the sub-steps (transformations) of the AES algorithm defined by FIPS 197” corresponds to the applicant’s disclosure of isolating (breaking) an interaction of the set of AES instruction (AESINC, AESDEC, AESENCLAST, AESDECLAST) under BRI consideration (See applicant’s disclosure in ¶0050-¶0051 for First Data Manipulation Instruction and Second Data Manipulation Instruction. See also applicant’s disclosure in ¶0045; ¶0047; ¶0052 and ¶0055 for Break DPA-detectable interaction).

The applicant continues to argue that that the Office Action fails to explain relevance of the reference Chheda’s citation [¶0072; ¶0075; ¶0080 and ¶0091]. As explained above, the examiner provided that Guero discloses the breaking (isolation) instruction. However, Gueron does not explicitly disclose that the breaking instruction is detectable. Chheda, in analogous art however, discloses that the breaking instruction is detectable ([¶0072]: As mentioned in the standard and noted in the Advanced Encryption Standard (AES) literature, AES is susceptible to differential power analysis (DPA) attacks. [¶0075]: One of the main concerns with  the AES algorithm is its susceptibility to DPA attacks. Side-channel attacks, such as DPA, work due to the fact that correlation exists between physical measurements taken during execution and the internal state of the algorithm being executed. [¶0080]: During AES encryption the TGM calculates a reversible function, f, in software that takes as inputs the key, the data to be encrypted and a chip-unique random number Z shown as 409 (persistent across power-on cycles). The examiner would like to note here that, the breaking instruction (AES instructions -AESINC, AESDEC, AESENCLAST, AESDECLAST) discloses by Guero are detectable by the teachings of Chheda DPA attacks on Advanced Encryption Standard (AES) instruction set. 
Based on the above discussion, the applicant’s arguments are not persuasive to overcome the prior arts in record and place the claims in a better condition for allowance and therefore the rejections under 103 is maintained.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 22, 29, 31 and 38 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 11 and 15 of U.S. Patent No. 10,382193. Although the claims at issue are not identical, they are not patentably distinct from each other because corresponding limitations of claims 1, 22, 29, 31 and 38 are generic to corresponding limitations of claims 1, 11 and 15 respectively as shown in table below.

Current Application No: 17/122310
Conflicting US. Patent No: 10,382193
1. A method of executing a cryptographic operation, comprising: identifying a first data manipulation instruction, the first data manipulation instruction modifying an internal state of a processing device; identifying a second data manipulation instruction, the second data manipulation instruction interacting with the internal state of the processing device; and breaking a detectable interaction of the first data manipulation instruction and the second data manipulation instruction by a third data manipulation instruction to be executed serially with the first data manipulation instruction and the second data manipulation instruction, wherein the third data manipulation instruction modifies the internal state of the processing device.
22. The method of claim 1, wherein the interaction is detectable by external monitoring is a differential power analysis (DPA) of power consumed by the processing device.
1. A method of executing a cryptographic operation, comprising: executing, by a processing device, a first data manipulation instruction, the first data manipulation instruction modifying an architecturally-invisible register of the processing device, wherein modifying the architecturally-invisible register affects electric current flows in the processing device; executing a second data manipulation instruction, the second data manipulation instruction interacting with the architecturally-invisible register; and protecting the processing device from a differential power analysis (DPA) attack by breaking a DPA-detectable interaction of the first data manipulation instruction and the second data manipulation instruction by executing a third data manipulation instruction with an input comprising an unpredictable data item, wherein the third data manipulation instruction produces a random value of the architecturally-invisible register.
29. A method, comprising: identifying a first instruction that loads a secret data item, wherein the first instruction modifies an internal state of a processing device; identifying a detectable interaction of the first data load instruction and a second instruction; and breaking the detectable interaction by a third instruction to be executed serially with the first instruction and the second instruction, wherein the third instruction produces a random value of the internal state of the processing device.
31. The method of claim 29, wherein the interaction is detectable by external monitoring is a differential power analysis (DPA) of power consumed by the processing device.
11. A method, comprising: executing, by a processing device, a sequence of data load instructions modifying an architecturally-invisible register of the processing device, wherein modifying the architecturally-invisible register affects electric current flows in the processing device, and wherein a certain data load instruction of the sequence loads secret data; and protecting the processing device from a differential power analysis (DPA) attack by breaking a DPA-detectable interaction of two or more data load instructions of the sequence by executing, within the sequence, a first data load instruction to load a first data item and a second data load instruction to load a second data item, wherein the first data item is provided by one of: a first secret data item or a first constant data item, and wherein the second data item is provided by one of: a second secret data item or a second constant data item, wherein the third data manipulation instruction produces a random value of the architecturally-invisible register.
38. A computer-readable non-transitory storage medium comprising instructions that, when executed by a computing device, cause the computing device to perform operations comprising: identifying a first data manipulation instruction, the first data manipulation instruction modifying an internal state of a processing device; identifying a second data manipulation instruction, the second data manipulation instruction interacting with the internal state of the processing device; and breaking a detectable interaction of the first data manipulation instruction and the second data manipulation instruction by a third data manipulation instruction to be executed serially with the first data manipulation instruction and the second data manipulation instruction, wherein the third data manipulation instruction modifies the internal state of the processing device.
15. A computer-readable non-transitory storage medium comprising executable instructions that, when executed by a computing device, cause the computing device to perform operations, comprising: executing, by a processing device, a first data manipulation instruction, the first data manipulation instruction modifying an architecturally-invisible register of the processing device, wherein modifying the architecturally-invisible register affects electric current flows within the processing device; executing a second data manipulation instruction, the second data manipulation instruction interacting with the architecturally-invisible register; and protecting the processing device from a differential power analysis (DPA) attack by breaking a DPA-detectable interaction of the first data manipulation instruction and the second data manipulation instruction by executing a third data manipulation instruction with an input comprising an unpredictable data item, wherein the third data manipulation instruction produces a random value of the architecturally-invisible register.


Claims 1, 29 and 31 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 11 and 15 of U.S. Patent No. 10,897344 . Although the claims at issue are not identical, they are not patentably distinct from each other because corresponding limitations of claims 1, 29 and 31 are generic to corresponding limitations of claims 1, 11 and 15 respectively as shown in table below.

Current Application No: 17/122310
Conflicting US. Patent No: 10,897344
1. A method of executing a cryptographic operation, comprising: identifying a first data manipulation instruction, the first data manipulation instruction modifying an internal state of a processing device; identifying a second data manipulation instruction, the second data manipulation instruction interacting with the internal state of the processing device; and breaking a detectable interaction of the first data manipulation instruction and the second data manipulation instruction by a third data manipulation instruction to be executed serially with the first data manipulation instruction and the second data manipulation instruction, wherein the third data manipulation instruction modifies the internal state of the processing device.
1. A method of executing a cryptographic operation, comprising: identifying a first data manipulation instruction, the first data manipulation instruction modifying an internal state of a processing device; identifying a second data manipulation instruction, the second data manipulation instruction interacting with the internal state of the processing device; and identifying an interaction of the first data manipulation instruction and the second data manipulation instruction, wherein the interaction is detectable by external monitoring of the processing device; and breaking the interaction by a third data manipulation instruction to be executed serially with the first data manipulation instruction and the second data manipulation instruction, wherein the third data manipulation instruction modifies the internal state of the processing device.
29. A method, comprising: identifying a first instruction that loads a secret data item, wherein the first instruction modifies an internal state of a processing device; identifying a detectable interaction of the first data load instruction and a second instruction; and breaking the detectable interaction by a third instruction to be executed serially with the first instruction and the second instruction, wherein the third instruction produces a random value of the internal state of the processing device.

11. A method, comprising: identifying a sequence of instructions modifying an internal state of a processing device, wherein the sequence of instructions comprises a first data load instruction that loads a secret data item; identifying a detectable interaction of the first data load instruction and other instructions of the sequence of instructions, wherein the interaction is detectable by external monitoring of the processing device; and breaking the detectable interaction by a second data load instruction to be executed within the sequence of instructions, wherein the second data load instruction loads a first data item provided by one of: a first secret data item or a first constant data item, and wherein the second data load instruction produces a random value of the internal state of the processing device.
38. A computer-readable non-transitory storage medium comprising instructions that, when executed by a computing device, cause the computing device to perform operations comprising: identifying a first data manipulation instruction, the first data manipulation instruction modifying an internal state of a processing device; identifying a second data manipulation instruction, the second data manipulation instruction interacting with the internal state of the processing device; and breaking a detectable interaction of the first data manipulation instruction and the second data manipulation instruction by a third data manipulation instruction to be executed serially with the first data manipulation instruction and the second data manipulation instruction, wherein the third data manipulation instruction modifies the internal state of the processing device.
16. A computer-readable non-transitory storage medium comprising instructions that, when executed by a computing device, cause the computing device to perform operations comprising: identify a sequence of instructions modifying an internal state of a processing device, wherein the sequence of instructions comprises a first data load instruction that loads a secret data item; identify a detectable interaction of the first data load instruction and other instructions of the sequence of instructions, wherein the interaction is detectable by external monitoring of the processing device; and breaking the detectable interaction by a second data load instruction to be executed within the sequence of instructions, wherein the second data load instruction loads a first data item provided by one of: a first secret data item or a first constant data item, and wherein the second data load instruction produces a random value of the internal state of the processing device.


The applicant requests that the Double Patenting rejection be held in abeyance until such time as the allowable form of the claims is known (see Page 6 under Section --Response to Double Patenting Rejection of the applicant’s remark filed on May 13, 2022).
The Examiner respectfully reject this request. A complete response to a nonstatutory double patenting (NSDP) rejection is either a reply by applicant showing that the claims subject to the rejection are patentably distinct from the reference claims or the filing of a terminal disclaimer in accordance with 37 CFR 1.321  in the pending application(s) with a reply to the Office action (see MPEP § 1490 for a discussion of terminal disclaimers). Such a response is required even when the nonstatutory double patenting rejection is provisional.
As filing a terminal disclaimer, or filing a showing that the claims subject to the rejection are patentably distinct from the reference application’s claims, is necessary for further consideration of the rejection of the claims, such a filing should not be held in abeyance. Only objections or requirements as to form not necessary for further consideration of the claims may be held in abeyance until allowable subject matter is indicated. Replies with an omission should be treated as provided in MPEP § 714.03.Therefore, an application must not be allowed unless the required compliant terminal disclaimer(s) is/are filed and/or the withdrawal of the nonstatutory double patenting rejection(s) is made of record by the examiner. See MPEP § 804.02, subsection VI, for filing terminal disclaimers required to overcome nonstatutory double patenting rejections in applications filed on or after June 8, 1995.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 and 21-39 are rejected under 35 U.S.C. 103 as being unpatentable over Gueron et al. (Hereinafter referred to as Gueron, US 20090220071 A1) in view of Chheda et al. (Hereinafter referred to as Chheda, US 20080126766 A1).

As per claim 1:
Gueron discloses a method of executing a cryptographic operation, comprising:
identifying a first data manipulation instruction, the first data manipulation instruction modifying an internal state of a processing device ([0024]: The sequence of transformations for an encryption round may be performed by a single AES encryption round instruction AESENC as shown in Table 1: AESENC xmm1, xmm2/m128; State=xmm1; [0034]: TABLE 4 AESDEC xmm1, xmm2/m128 State = xmm1);
identifying a second data manipulation instruction, the second data manipulation instruction interacting with the internal state of the processing device ([0024]: The sequence of transformations for an encryption round may be performed by a single AES last encryption round instruction AESENCLAST as shown in Table 2: AESENCLAST xmm1, xmm2/m128); and
breaking interaction of the first data manipulation instruction and the second data manipulation instruction by a third data manipulation instruction to be executed serially with the first data manipulation instruction and the second data manipulation instruction, wherein the third data manipulation instruction modifies the internal state of the processing device ([0044]:  Transformation isolation function(s) 120 that may be stored in memory 108 or in the storage device 112 use the AES function 103 to isolate one of the transformations in the AES encrypt or decrypt instructions; [0056-0060]; The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197. The sub-steps are Shift Rows, Substitute Bytes, Mix Columns, Inverse Shift Rows, Inverse Substitute Bytes, and Inverse Mix Columns. The six sub-steps (transformations) operate on a 128 bit State and produce a 128 bit result. The "Inverse" transformations are the corresponding inverses of the transformations, for example, if Tmp=Substitute Bytes (State), then Inverse Substitute Bytes (Tmp)=State. The Add Round Key transformation operates on two 128 bits inputs (State and Round Key), and outputs their bitwise XOR. FIG. 3 is a flow chart of an embodiment of a Mix Column isolation transformation function 300 that uses at least one AES round instruction for isolating the Mix Columns transformation in the AES algorithm. The micro operation for the Mix Columns transformation is only used in the AESENC instruction and the AESDEC instruction includes the inverse transformations to the transformations in the AESENC instruction. At block 302, the Mix Columns transformation isolation function calls the AESDECLAST instruction with the current state and the round key set to 0.  The AESDECLAST performs the micro-operations in Table 6. [0064]: Thus, the output of the AESENC instruction is Mix Columns (State) which is isolated using the combination of the AESDECLAST instruction and the AESENC instruction as shown below: [0065] Y=Inverse Mix Columns (Inverse Substitute Bytes (Inverse Shift Rows (Substitute Bytes (Shift Rows (State)))); [0075]: FIG. 5 illustrates use of a Packed Shuffle bytes (PSHUFB) instruction to isolate the Shift Rows and the Inverse Shift Rows transformations; [0083]: The output of the AESENCLAST instruction is Substitute Bytes (State) which is isolated using the combination of the AESENCLAST instruction and the PSHUFB instruction as shown below: [0084] Y=Substitute Bytes (Shift Rows (X))=Substitute Bytes (Shift Rows (Inverse Shift Rows (State)))=Substitute Bytes (State)).

Gueron does not explicitly disclose that the breaking instruction is detectable. Chheda, in analogous art however, discloses that the breaking instruction is detectable ([0072]: An embodiment showing protecting a cryptographic implementation is shown below. As mentioned in the standard and noted in the Advanced Encryption Standard (AES) literature, AES is susceptible to differential power analysis (DPA) attacks. [0075]: One of the main concerns with the AES algorithm is its susceptibility to DPA attacks. Side-channel attacks, such as DPA, work due to the fact that correlation exists between physical measurements taken during execution and the internal state of the algorithm being executed. [0080]: During AES encryption the TGM calculates a reversible function, f, in software that takes as inputs the key, the data to be encrypted and a chip-unique random number Z shown as 409 (persistent across power-on cycles). The TGM execution is resistant to high-order DPA as switching activity in TGM buses, memory, etc, is randomized by the random encoding and execution model and by operation masking techniques presented before. Due to the high-order DPA protection in TGM that de-correlates data d from dtgm and key k from ktgm (see the bottom part of FIG. 4), the AES module is now protected against DPA. [0091]: At runtime, random keys are read in and masking happens in the software uniquely for each location set. The masking varies after each power on. All persistent memory (on-chip as well as off-chip) is encrypted with a DPA-resilient AES). Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the claimed limitations of the instruction disclosed by Gueron to include the breaking instruction is detectable. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to provide a processing framework creating an effective defense against security attacks at the digital level and EAS protocol and further provide efficient and comprehensive security with very low cost and minimal power and performance overhead as suggested by Chheda (0014).

As per claim 21:
Gueron discloses wherein the internal state is stored by a cache of the processing device ([0047]: The fetch and decode unit 206 fetches macroinstructions from L1 instruction cache 202, decodes the macroinstructions and breaks them into simple operations called micro operations (pops) that may be stored in microcode Read Only Memory (ROM) 214. …A round key 216 used by an AES round instruction may be stored in L1 data cache 204 and loaded into the execution unit 210 for use by the micro operations to execute any of one of the AES encrypt/decrypt round instructions. Storing the round key 216 in the L1 data cache 204 protects the round key 216 from side channel attacks, for example, attempts to obtain the round key in order to get access to encrypted information stored in the system 100).

As per claim 22:
Chheda discloses wherein the interaction is detectable by external monitoring is a differential power analysis (DPA) of power consumed by the processing device ([0072]: An embodiment showing protecting a cryptographic implementation is shown below. As mentioned in the standard and noted in the Advanced Encryption Standard (AES) literature, AES is susceptible to differential power analysis (DPA) attacks. [0075]: One of the main concerns with the AES algorithm is its susceptibility to DPA attacks. Side-channel attacks, such as DPA, work due to the fact that correlation exists between physical measurements taken during execution and the internal state of the algorithm being executed).

As per claim 23:
Gueron discloses wherein at least one of the first data manipulation instruction or the second data manipulation instruction belongs to an enhanced instruction set for performing cryptographic data processing operations ([0056-0060]: The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197).

As per claim 24:
Gueron discloses wherein the enhanced instruction set is provided by one of: an Intel AES-NI instruction set, an ARM Advanced Encryption Standard (AES) instruction set, or a SPARC AES instruction set ([0035]:  Each of the four AES round instructions (AESENC, AESNECLAST, AESDEC, AESDECLAST) shown in Tables 1, 2, 4 and 5 increases performance by performing several AES transformations together. However, the instructions only support the current version of the AES standard. [0056-0060]: The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197).

As per claim 25:
Gueron discloses wherein the first data manipulation instruction and the second data manipulation instruction are comprised by an application implementing a cryptographic operation based on the Advanced Encryption Standard (AES) ([0035]:  Each of the four AES round instructions (AESENC, AESNECLAST, AESDEC, AESDECLAST) shown in Tables 1, 2, 4 and 5 increases performance by performing several AES transformations together. However, the instructions only support the current version of the AES standard. [0056-0060]: The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197).

As per claim 26:
Gueron discloses wherein the second data manipulation instruction utilizes an input data item provided by an output of the first data manipulation instruction ([0056-0060]:  The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197. The sub-steps are Shift Rows, Substitute Bytes, Mix Columns, Inverse Shift Rows, Inverse Substitute Bytes, and Inverse Mix Columns. The six sub-steps (transformations) operate on a 128 bit State and produce a 128 bit result. The "Inverse" transformations are the corresponding inverses of the transformations, for example, if Tmp=Substitute Bytes (State), then Inverse Substitute Bytes (Tmp)=State. The Add Round Key transformation operates on two 128 bits inputs (State and Round Key), and outputs their bitwise XOR. FIG. 3 is a flow chart of an embodiment of a Mix Column isolation transformation function 300 that uses at least one AES round instruction for isolating the Mix Columns transformation in the AES algorithm. The micro operation for the Mix Columns transformation is only used in the AESENC instruction and the AESDEC instruction includes the inverse transformations to the transformations in the AESENC instruction. At block 302, the Mix Columns transformation isolation function calls the AESDECLAST instruction with the current state and the round key set to 0.  The AESDECLAST performs the micro-operations in Table 6).

As per claim 27:
Gueron discloses wherein at least one of the first data manipulation instruction and the second data manipulation instruction utilizes an input data item comprising a cryptographic key ([0056-0060]:  The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197. The sub-steps are Shift Rows, Substitute Bytes, Mix Columns, Inverse Shift Rows, Inverse Substitute Bytes, and Inverse Mix Columns. The six sub-steps (transformations) operate on a 128 bit State and produce a 128 bit result. The "Inverse" transformations are the corresponding inverses of the transformations, for example, if Tmp=Substitute Bytes (State), then Inverse Substitute Bytes (Tmp)=State. The Add Round Key transformation operates on two 128 bits inputs (State and Round Key), and outputs their bitwise XOR. FIG. 3 is a flow chart of an embodiment of a Mix Column isolation transformation function 300 that uses at least one AES round instruction for isolating the Mix Columns transformation in the AES algorithm. The micro operation for the Mix Columns transformation is only used in the AESENC instruction and the AESDEC instruction includes the inverse transformations to the transformations in the AESENC instruction. At block 302, the Mix Columns transformation isolation function calls the AESDECLAST instruction with the current state and the round key set to 0.  The AESDECLAST performs the micro-operations in Table 6)

As per claim 28:
Gueron discloses wherein at least one of the first data manipulation instruction and the second data manipulation instruction performs one of: an AES encryption round or an AES decryption round ([0056-0060]:  The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197. The sub-steps are Shift Rows, Substitute Bytes, Mix Columns, Inverse Shift Rows, Inverse Substitute Bytes, and Inverse Mix Columns. The six sub-steps (transformations) operate on a 128 bit State and produce a 128 bit result. The "Inverse" transformations are the corresponding inverses of the transformations, for example, if Tmp=Substitute Bytes (State), then Inverse Substitute Bytes (Tmp)=State. The Add Round Key transformation operates on two 128 bits inputs (State and Round Key), and outputs their bitwise XOR. FIG. 3 is a flow chart of an embodiment of a Mix Column isolation transformation function 300 that uses at least one AES round instruction for isolating the Mix Columns transformation in the AES algorithm. The micro operation for the Mix Columns transformation is only used in the AESENC instruction and the AESDEC instruction includes the inverse transformations to the transformations in the AESENC instruction. At block 302, the Mix Columns transformation isolation function calls the AESDECLAST instruction with the current state and the round key set to 0.  The AESDECLAST performs the micro-operations in Table 6).

As per claim 29:
Gueron discloses a method of executing a cryptographic operation, comprising:
identifying a first instruction that loads a secret data item, wherein the first instruction modifies an internal state of a processing device ([0017]: The Advanced Encryption Standard (AES) algorithm published by the National Institute of Standards and Technology (NIST) as Federal Information Processing Standard (FIPS) 197 is a compute intensive algorithm that is typically performed in software or in a special purpose processor. The AES algorithm is performed in software by executing a sequence of load/store/increment Central Processing Unit (CPU) instructions stored in a memory. [0047] :A round key 216 used by an AES round instruction may be stored in L1 data cache 204 and loaded into the execution unit 210 for use by the micro operations to execute any of one of the AES encrypt/decrypt round instructions; [0024]: The sequence of transformations for an encryption round may be performed by a single AES encryption round instruction AESENC as shown in Table 1: AESENC xmm1, xmm2/m128; State=xmm1; [0034]: TABLE 4 AESDEC xmm1, xmm2/m128 State = xmm1);
identifying a interaction of the first data load instruction and a second instruction ([0024]: The sequence of transformations for an encryption round may be performed by a single AES last encryption round instruction AESENCLAST as shown in Table 2: AESENCLAST xmm1, xmm2/m128); and
breaking the interaction by a third instruction to be executed serially with the first instruction and the second instruction, wherein the third instruction produces a value of the internal state of the processing device ([0044]:  Transformation isolation function(s) 120 that may be stored in memory 108 or in the storage device 112 use the AES function 103 to isolate one of the transformations in the AES encrypt or decrypt instructions; [0056-0060]; The set of AES instructions (AESINC, AESDEC, AESENCLAST, AESDECLAST) may be used to isolate the sub-steps (transformations) of the AES algorithm defined by FIPS 197. The sub-steps are Shift Rows, Substitute Bytes, Mix Columns, Inverse Shift Rows, Inverse Substitute Bytes, and Inverse Mix Columns. The six sub-steps (transformations) operate on a 128 bit State and produce a 128 bit result. The "Inverse" transformations are the corresponding inverses of the transformations, for example, if Tmp=Substitute Bytes (State), then Inverse Substitute Bytes (Tmp)=State. The Add Round Key transformation operates on two 128 bits inputs (State and Round Key), and outputs their bitwise XOR. FIG. 3 is a flow chart of an embodiment of a Mix Column isolation transformation function 300 that uses at least one AES round instruction for isolating the Mix Columns transformation in the AES algorithm. The micro operation for the Mix Columns transformation is only used in the AESENC instruction and the AESDEC instruction includes the inverse transformations to the transformations in the AESENC instruction. At block 302, the Mix Columns transformation isolation function calls the AESDECLAST instruction with the current state and the round key set to 0.  The AESDECLAST performs the micro-operations in Table 6. [0064]: Thus, the output of the AESENC instruction is Mix Columns (State) which is isolated using the combination of the AESDECLAST instruction and the AESENC instruction as shown below: [0065] Y=Inverse Mix Columns (Inverse Substitute Bytes (Inverse Shift Rows (Substitute Bytes (Shift Rows (State)))); [0075]: FIG. 5 illustrates use of a Packed Shuffle bytes (PSHUFB) instruction to isolate the Shift Rows and the Inverse Shift Rows transformations; [0083]: The output of the AESENCLAST instruction is Substitute Bytes (State) which is isolated using the combination of the AESENCLAST instruction and the PSHUFB instruction as shown below: [0084] Y=Substitute Bytes (Shift Rows (X))=Substitute Bytes (Shift Rows (Inverse Shift Rows (State)))=Substitute Bytes (State)).

Gueron does not explicitly disclose that the interaction is detectable and the value in the internal state is random. Chheda, in analogous art however, discloses that the breaking instruction is detectable ([0072]: An embodiment showing protecting a cryptographic implementation is shown below. As mentioned in the standard and noted in the Advanced Encryption Standard (AES) literature, AES is susceptible to differential power analysis (DPA) attacks. [0075]: One of the main concerns with the AES algorithm is its susceptibility to DPA attacks. Side-channel attacks, such as DPA, work due to the fact that correlation exists between physical measurements taken during execution and the internal state of the algorithm being executed. [0080]: During AES encryption the TGM calculates a reversible function, f, in software that takes as inputs the key, the data to be encrypted and a chip-unique random number Z shown as 409 (persistent across power-on cycles). The TGM execution is resistant to high-order DPA as switching activity in TGM buses, memory, etc, is randomized by the random encoding and execution model and by operation masking techniques presented before. Due to the high-order DPA protection in TGM that de-correlates data d from dtgm and key k from ktgm (see the bottom part of FIG. 4), the AES module is now protected against DPA. [0091]: At runtime, random keys are read in and masking happens in the software uniquely for each location set. The masking varies after each power on. All persistent memory (on-chip as well as off-chip) is encrypted with a DPA-resilient AES) and the value in the internal state is random ([0080]: During AES encryption the TGM calculates a reversible function, f, in software that takes as inputs the key, the data to be encrypted and a chip-unique random number Z shown as 409 (persistent across power-on cycles). The TGM execution is resistant to high-order DPA as switching activity in TGM buses, memory, etc, is randomized by the random encoding and execution model and by operation masking techniques presented before).
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the claimed limitations of the instruction disclosed by Gueron to include that the interaction is detectable and the value in the internal state is random. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to provide a processing framework creating an effective defense against security attacks at the digital level and EAS protocol and further provide efficient and comprehensive security with very low cost and minimal power and performance overhead as suggested by Chheda (0014).

As per claims 30-37:
Claims 30-37 are directed to a method of executing a cryptographic operation, claims 30-37 are having substantially similar claimed limitations corresponding to claims 21-28 respectively and therefore claims 30-37 are rejected with the same rationale given above to reject claims 21-28 respectively. 

As per claims 38-39:
Claims 38-39 are directed to a computer-readable non-transitory storage medium comprising instructions that, when executed by a computing device, cause the computing device to perform operations, claims 38-39 are having substantially similar claimed limitations corresponding to claims 1 and 23 respectively and therefore claims 38-39 are rejected with the same rationale given above to reject claims 1 and 23 respectively. 

BRI (Broadest Reasonable Interpretation)
The above claims under examination have been given their BRI consistent with the applicant’s disclosure as they would be interpreted by one of ordinary skill in the art and the following claim words or terms or phrases or languages have been given to them the following reasonable BRI considerations and context in view of the applicant’s disclosure in order to construe boundary and scope of the claimed limitations. For example, for the following claim words or terms or phrases or languages, the examiner recites BRI considerations from the applicant’s disclosure as follows:

First Data Manipulation Instruction and Second Data Manipulation Instruction: 
[0050] Referring to FIG. 7, at block 710, a processing device implementing the method may execute a first data manipulation instruction of an enhanced cryptographic instruction set (e.g., AES-NI instructions). In an illustrative example, the first data manipulation instruction may utilize one or more input data items, e.g., an AES round state and an AES round key. As noted herein above, the first data manipulation instruction may utilize and affect an internal state (e.g., an internal register of the processing device) that may be interacted with or utilized by subsequent data manipulation instructions.
[0051] At block 720, the processing device may execute a second data manipulation instruction of the enhanced cryptographic instruction set. The second data manipulation instruction may utilize one or more input data items, e.g., an AES round state modified by the first data manipulation instruction and an AES round key. The second data manipulation instruction may further interact with or utilize the internal state that was modified by the preceding data manipulation instruction, thus potentially creating a DPA-detectable data leakage, as described in more details herein above.

Break the DPA-detectable interaction
[0045] cryptographic data processing operations may be performed in a manner resistant to external monitoring attacks exploiting vulnerability of the data processing system, by breaking the interaction of the sequential cryptographic data processing instructions. The data processing system may break the interaction of the sequential cryptographic data processing instructions by executing another data manipulation instruction, serially or concurrently with respect to the sequential data manipulation instructions.
[0047] In order to perform the cryptographic data processing instructions in a manner resistant to external monitoring attacks, the data processing system may break the interaction of the sequential cryptographic data processing instructions 610A-610B by executing a data manipulation instruction 630, serially or concurrently with respect to the sequential data manipulation instructions 610A-610B.
[0052] To break the DPA-detectable interaction of the first data manipulation instruction and the second data manipulation instruction, the processing device may, at block 730, execute a third data manipulation instruction utilizing an unpredictable input data item. As noted herein above, the third data manipulation instruction may be executed serially or concurrently with respect to the first and the second data manipulation instructions. Breaking the undesirable interaction of the sequential cryptographic data processing instructions allows the processing device to perform the instructions in a manner resistant to external monitoring attacks, as described in more details herein above.
[0055] In accordance with one or more aspects of the present disclosure, the sequence of data load instructions may be performed in a manner resistant to external monitoring attacks exploiting the above described vulnerability of the data processing system, by breaking the interaction of the sequential data load instructions which are likely to exhibit the above described data leakage. In an illustrative example, the data processing system may break the interaction of the sequential cryptographic data processing instructions by executing two data load instructions before and after the data load instruction that loads secret data, as schematically illustrated by FIG. 9.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior art.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784. The examiner can normally be reached 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/TECHANE GERGISO/Primary Examiner, Art Unit 2494