DETAILED ACTION
This is a non-final Office action in response to a request for continued examination received on 6/08/2022.   Claims 1 and 5 were amended.  Claims 3-4 and 7-8 were cancelled.  Claims 9-16 were previously withdrawn in response to a restriction requirement.  No new claims have been added or cancelled.  Claims 1-2 and 5-6 are pending and are examined.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 6/08/2022 has been entered.

Response to Arguments
Applicant’s remarks regarding the rejection of claims 1-2 and 5-6 under 103 have been considered, but are found unpersuasive.  
Applicant argues on pages 9-10 of the Remarks that Ebrahimi and Duchon do not teach the claims because neither Duchon or Ebrahimi teaches the feature of “only some intended entities among entities on a data sharing network, such as a blockchain, can confirm and verify the data on the network”, however the Examiner respectfully disagrees.  The claims do not specify this feature.  Applicant is free to amend the claims to add this feature.
Applicant argues on page 10 of the Remarks that Duchon does not t each combining two different ciphertexts because “Duchon merely describes that two different ciphertexts (i.e., the encrypted data elements and the encrypted secret key) can be included in one block, however the Examiner respectfully disagrees.  The claims do not specify what is meant by combining the ciphertext for the first combined data and the ciphertext for the decryption key.  Duchon discloses that the encrypted secret key (i.e. ciphertext for the decryption key) and the encrypted data elements (i.e. ciphertext for the first combined data) are combined to make up a new block (paras. [0072]-[0075]), therefore these two encrypted elements/ciphertexts are “combined” within one block.  
Applicant further argues on page 10 of the Remarks that Duchon does not teach the claim limitations because “Duchon is silent about a random bit string that can be combined with one or more ciphertexts”, however the Examiner respectfully disagrees.  Duchon is not cited as teaching those limitations.  The secondary reference Ebrahimi is cited by the Examiner as teaching those limitations.
Applicant’s arguments in the Remarks, filed 6/08/2022, with respect to the claims rejected under 103 have been full considered but are considered moot because newly added limitations to the claims disclose “wherein each of the random bit string included in the first combined data and the second combined data is used to verify the target data” which requires a new ground of rejection necessitated by amendments.
The remaining arguments fail to comply with 37 C.F.R. § 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.


This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 
Claims 1-2 and 5-6 are rejected under 35 U.S.C. 103 as being unpatentable over Duchon (US 2020/0084027) in view of Ebrahimi (US 2018/0227130).
Regarding claim 1, Duchon discloses the limitations substantially as follows:
An apparatus for sharing data, comprising one or more hardware processors configured to: 
generate a ciphertext for the first combined data (Duchon, paras. [0072]-[0075]: generating encrypted ciphertext for transaction data comprising one or more data elements (i.e. for the first combined data) by encrypting them with a symmetric secret key);
generate one or more ciphertexts for a decryption key of the ciphertext for the first combined data using one or more public keys of each of one or more entities to share the target data (Duchon, paras. [0072]-[0075]: generating one or more encrypted symmetric secret keys for each intended recipient (i.e. one or more ciphertexts for the symmetric/decryption key of the ciphertext) for each symmetric secret key used to encrypt the data elements of the transaction data (i.e. for the first combined data) using public keys of the intended recipients);
generate second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts for the decryption key (Duchon, paras. [0072]-[0075]: combining into a new block the encrypted secret key (i.e. one or more ciphertexts for the decryption key) and the encrypted data elements (i.e. the ciphertext for the first combined data)), and 
disclose the second combined data to the one or more entities to share the target data to be shared (Duchon, paras. [0072]-[0075]: distributing to the intended recipients (i.e. one or more entities) the new data blocks comprising the encrypted secret keys and encrypted data elements of the transaction data to securely share the transaction data with the intended recipients);
Duchon does not explicitly disclose the remaining limitations of claim 1 as follows:
		generate first combined data by combining target data to be shared and a random bit string;
		generate second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts, and the random bit string used to generate the first combined data;
generate an electronic signature for the second combined data using a secret key; and disclose the second combined data and the electronic signature to the one or more entities to share the target data to be shared;
wherein each of the random bit string included in the first combined data and the second combined data is used to verify the target data.
However, in the same field of endeavor Ebrahimi discloses the remaining limitations of claim 1 as follows:
generate first combined data by combining target data to be shared and a random bit string (paras. [0008], [0037]-[0038], [0050], Figs. 1A-1C: adding together (i.e. generating first combined data) identifying information of a user from a field (i.e. target data to be shared) and a random salt comprising a random string of bytes (i.e. random bit string)); 
generate second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts, and the random bit string used to generate the first combined data (paras. [0008], [0037]-[0039], [0042]-[0043], [0050], Figs. 1A-1C& 4A: combining together the hashed data of a first field of user identifying information and random salt (i.e. ciphertext for the first combined data) with the additional hashed data for the additional fields (i.e. one or more ciphertexts) along with the random salt);
generate an electronic signature for the second combined data using a secret key; and disclose the second combined data and the electronic signature to the one or more entities to share the target data to be shared (paras. [0037]-[0039], [0042]-[0043]: generating an electronic signature using a private/secret key for signing the first field and additional fields of user identifying information in the user record (i.e. the second combined data) and sending the hashed data fields, random salt (i.e. second combined data) and digital signature of the hashed data to other third parties/certifiers/entities to validated);
wherein each of the random bit string included in the first combined data and the second combined data is used to verify the target data (Ebrahimi, paras. [0037]-[0038]: the SALTs corresponding to the SALT which was combined together with the field (i.e. random bit string from first combined data) and then combined together with the hashed data of the field and SALT (i.e. second combined data) are provided with a public key and pointer to that record on the blockchain to allow verification of the data (i.e. verify the target data));
Ebrahimi and Duchon are combinable because both are from the same field of providing security in LDAP systems.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Ebrahimi’s method of combining with a random bit string with the target data with the system of Duchon in order to increase the security of the system by preventing “brute-force discovery of the hashed data” and further obfuscating the target data (Ebrahimi, para. [0037]).  

	Regarding claim 2, Duchon and Ebrahimi disclose the limitations of claim 1.
Duchon discloses the limitations of claim 2 as follows:
The apparatus of claim 1, wherein the data encryptor is configured to generate the ciphertext for the first combined data using a symmetric key-based encryption algorithm and the decryption key is identical to an encryption key used to generate the ciphertext for the first combined data (paras. [0072]-[0075]: the encrypted data elements of the transaction data (i.e. ciphertext for the first combined data) are generated using a symmetric key, which by definition encrypts and decrypts using the same key (i.e. is identical to an encryption key for generating the ciphertext)).

Regarding claim 5, Duchon discloses the limitations substantially as follows:
A method of sharing data, comprising: 
generating a ciphertext for the first combined data (paras. [0072]-[0075]: generating encrypted ciphertext for transaction data comprising one or more data elements (i.e. for the first combined data) by encrypting them with a symmetric secret key); 
generating one or more ciphertexts for a decryption key of the ciphertext for the first combined data using one or more public keys of each of one or more entities to share the target data (paras. [0072]-[0073], [0075]: generating one or more encrypted symmetric secret keys for each intended recipient (i.e. one or more ciphertexts for the symmetric/decryption key of the ciphertext) for each symmetric secret key used to encrypt the data elements of the transaction data (i.e. for the first combined data) using public keys of the intended recipients); 
generating second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts for the decryption key (paras. [0072]-[0075]: combining into a new block the encrypted secret key (i.e. one or more ciphertexts for the decryption key) and the encrypted data elements (i.e. the ciphertext for the first combined data)); and 
disclosing the second combined data to the one or more entities to share the target data to be shared (paras. [0072]-[0075]: distributing to the intended recipients (i.e. one or more entities) the new data blocks comprising the encrypted secret keys and encrypted data elements of the transaction data to securely share the transaction data with the intended recipients).
Duchon does not explicitly disclose the remaining limitations of claim 5 as follows:
generating first combined data by combining target data to be shared and a random bit string; 
generating second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts, and the random bit string used to generate the first combined data;
generate an electronic signature for the second combined data using a secret key; and disclose the second combined data and the electronic signature to the one or more entities to share the target data to be shared;
wherein each of the random bit string included in the first combined data and the second combined data is used to verify the target data.
However, in the same field of endeavor, Ebrahimi discloses the remaining limitations of claim 5 as follows:
generating first combined data by combining target data to be shared and a random bit string (paras. [0008], [0037]-[0038], [0050], Figs. 1A-1C: adding together (i.e. generating first combined data) identifying information of a user from a first field (i.e. target data to be shared) and a random salt comprising a random string of bytes (i.e. random bit string)); 
generating second combined data by combining the ciphertext for the first combined data, the one or more ciphertexts, and the random bit string used to generate the first combined data (paras. [0037]-[0039], [0042]-[0043], [0050], Figs. 1A-1C& 4A: combining together the hashed data of a first field of user identifying information and random salt (i.e. ciphertext for the first combined data) with the additional hashed data for the additional fields along with the random salt);
generate an electronic signature for the second combined data using a secret key; and disclose the second combined data and the electronic signature to the one or more entities to share the target data to be shared (paras. [0037]-[0039], [0043]: generating an electronic signature using a private/secret key for signing the first field and additional fields of user identifying information in the user record (i.e. the second combined data) and sending the user record on the blockchain to other third parties/certifiers/entities to validated)
wherein each of the random bit string included in the first combined data and the second combined data is used to verify the target data (Ebrahimi, paras. [0037]-[0038]: the SALTs corresponding to the SALT which was combined together with the field (i.e. random bit string from first combined data) and then combined together with the hashed data of the field and SALT (i.e. second combined data) are provided with a public key and pointer to that record on the blockchain to allow verification of the data (i.e. verify the target data));
Ebrahimi and Duchon are combinable because both are from the same field of providing security in LDAP systems.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Ebrahimi’s method of combining with a random bit string with the target data with the system of Duchon in order to increase the security of the system by preventing “brute-force discovery of the hashed data” and further obfuscating the target data (Ebrahimi, para. [0037]).  

	Regarding claim 6, Duchon and Ebrahimi disclose the limitations of claim 5.
Duchon discloses the limitations of claim 6 as follows:
The method of claim 5, wherein the generating of the ciphertext for the first combined data comprises generating the ciphertext for the first combined data using a symmetric key-based encryption algorithm and the decryption key is identical to an encryption key used to generate the ciphertext for the first combined data (paras. [0072]-[0075]: the encrypted data elements of the transaction data (i.e. ciphertext for the first combined data) are generated using a symmetric key, which by definition encrypts and decrypts using the same key (i.e. is identical to an encryption key for generating the ciphertext)).

Prior Art Not Considered But Relied Upon
Prior art considered but not relied upon includes:
1) WO 2018/213916 : generating an encrypted ciphertext first combined data by encrypting blockchain data and signature using a symmetric key and then generating one or more ciphertexts of a decryption key for the ciphertext of the first combined data by generating encrypted symmetric key.

Conclusion
For the above-stated reasons, claims 1-2 and 5-6 are rejected.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARON S LYNCH whose telephone number is (571)272-4583.  The examiner can normally be reached on 10AM-6PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 571-272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHARON S LYNCH/Primary Examiner, Art Unit 2438