Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communication received 6/13/2022.

Examiner’s Amendments 
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a communication with Attorney of Record Ryan Heavener on 8/10/2022.
Please replace the claim listing with the following one:


1.   (Currently amended) A hardware security module operable in a secure mode and in a non-secure mod
a cryptographic module comprising at least one processor configured to conduct at least one cryptographic function, including compiling a signature based on input data, a secret key, and a seed value;
a software module configured with a first software or a first firmware and a second software or a second firmware, wherein the software module is coupled to the cryptographic module, and wherein the first software or the first firmware is exclusively run during the secure mode and the second software or the second firmware is exclusively run during the non-secure mode; and
a first secured memory accessible only by the software module via the first software or the first firmware, the first secured memory configured to store the secret key,
wherein, during the secure mode, the first software or the first firmware is configured to read the secret key from the first secured memory and 
wherein, during the non-secure mode, the cryptographic module is configured to generate a signature based on the input data utilizing the secret key and the seed value stored in the cryptographic module, 
wherein, during the non-secure mode, the cryptographic module is configured to generate the signature without granting the second software or the second firmware access to either the secret key or the seed value, and
wherein only one of the secure mode or the non-secure mode is active at a time.

(Currently amended) The hardware security module according to claim 1, wherein the hardware security module enters the non-secure mode after 

(Previously presented) The hardware security module according to claim 1, wherein the secure mode is operated via the first software or the first firmware and the non-secure mode is operated via the second software or the second firmware.

(Previously presented) The hardware security module according to claim 3, wherein the first software or the first firmware is:
exclusively run during the secure mode,
configured to exclusively read the secret key from the first secured memory of the hardware security module, and
configured to store the secret key and the seed value in a second secured memory of the cryptographic module.

(Previously presented) The hardware security module according to claim 3, wherein upon termination of the first software or the first firmware the hardware security module enters the non-secure mode.

(Previously presented) The hardware security module according to claim 3, wherein the second software or the second firmware has no access to the secret key or to the seed value.

(Previously presented) The hardware security module according to claim 1, wherein the seed value is generated by the hardware security module or by an external hardware security module and supplied to the cryptographic module by the first software or the first firmware.

8.   (Currently amended) The hardware security module according to claim 1, wherein, during the non-secure mode, the cryptographic module is configured to generate a random value based on the seed value and generate the signature based on the random value

9.   (Currently amended) The hardware security module according to claim 8, wherein the cryptographic module is configured to generate a plurality of signatures and generate the  of the plurality of signatures, wherein n is an integer greater than 1.

(Previously presented) The hardware security module according to claim 8, wherein a length of the at least one random value is larger than a length of the seed value.

(Previously presented) The hardware security module according to claim 1, wherein the signature comprises an elliptic curve algorithm.

Cancelled.

(Currently amended) A vehicle, comprising:
a hardware security module operable in a secure mode and in a non-secure mode, with only one of the secure mode or the non-secure mode being active at a time, and comprising: 
a cryptographic module comprising at least one processor configured to conduct at least one cryptographic function, including compiling a signature based on input data, a secret key, and a seed value,
a software module configured with a first software or a first firmware and a second software or a second firmware, wherein the first software or the first firmware is exclusively run during the secure mode and the second software or the second firmware is exclusively run during the non-secure mode, and 
a first secured memory accessible only by the software module via first software or the first firmware, the first secured memory configured to store the secret key,
wherein, during the secure mode, the first software or the first firmware is configured to read the secret key from the first secured memory and 
wherein, during the non-secure mode, the cryptographic module is configured to generate a signature based on the input data utilizing the secret key and the seed value stored in the cryptographic module, and
wherein, during the non-secure mode, the cryptographic module is configured to generate the signature without granting the second software or the second firmware access to either the secret key or the seed value.

14.  (Currently amended) A method for operating a device, wherein the device comprises a cryptographic module, the method comprising:
operating the device in either a secure mode or a non-secure mode, with only one of the secure mode or the non-secure mode being active at a time, wherein a first software or a first firmware is exclusively run during the secure mode and a second software or a second firmware is exclusively run during the non-secure mode;
storing a secret key in a first secured memory that is only accessible by the first software or the first firmware;
configuring, by the first software or a first firmware, the cryptographic module during the secure mode by storing the secret key and a seed value in the cryptographic module,
wherein, during the secure mode, the first software or the first firmware is configured to read the secret key from the first secured memory and  therein,
wherein, during the non-secure mode, generating, by the cryptographic module, a signature based on input data utilizing the secret key and the seed value stored in the cryptographic module, and
wherein, during the non-secure mode, preventing, by the cryptographic module, the second software or the second firmware access to either the secret key or the seed value stored in the cryptographic module.

(Previously presented) The method according to claim 14, further comprising:
entering the non-secure mode after a configuration of the cryptographic module is concluded or after a startup phase of the device has ended.

(Original) A non-transitory computer-readable medium having recorded thereon a computer program product directly loadable into a memory of a digital processing device, the computer program product comprising software code portions for performing the method of claim 14.

(Currently amended) The hardware security module according to claim 1, wherein, during the non-secure mode, the cryptographic module is configured to generate the signature without granting the software module access to either the secret key or the seed value.

(Previously presented) The hardware security module according to claim 3, wherein the first software or the first firmware is configured to configure the cryptographic module during each startup phase of the hardware security module by providing a respective secret key and a respective seed value to the cryptographic module for storing therein.

(Currently amended) The hardware security module according to claim 4, wherein, during the non-secure mode, neither the secret key nor the seed value stored in the second secured memory of the cryptographic module can be modified or manipulated.

(Currently amended) The hardware security module according to claim 19, wherein during the non-secure mode, the secret key stored in the first secured memory cannot be accessed by the second software or the second firmware.

(Currently amended) The hardware security module according to claim 1, wherein, during the non-secure mode, the software module does not have access to either the secret key or the seed value.

(Previously presented) The hardware security module according to claim 1, wherein the cryptographic module, the software module, and the first secured memory are separate hardware components with the software module coupled to and between the cryptographic module and the first secured memory.

 (Previously presented) The hardware security module according to claim 1, wherein the cryptographic module does not have any access to the first secured memory.

(Currently amended) The hardware security module according to claim 1, wherein the cryptographic module only generates signatures while the second software or the second firmware is running and does not generate the signatures while the first software or the first firmware is running.


Allowed Claims
Claims 1-11 and 13-24 are allowed, in view of the examiner’s amendments above.

Reason for Allowance

 This communication warrants no examiner's reason for allowance, as applicant's reply makes evident the reason for allowance, satisfying the record as whole as required by rule 37 CFR 1.104 (e). In this case, the substance of applicant's remarks filed on 6/13/20222 with respect to the amended claim limitations along with the examiner’s amendments point out the reason claims are patentable over the prior art of record. Thus, the reason for allowance is in all probability evident from the record and no statement for examiner's reason for allowance is necessary (see MPEP 13202.14).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        8/11/2022