DETAILED ACTION
This action is in response to the application filed on June 23, 2022. Claims 1-20 are pending. Claims 1, 10, 11-14, 17-18, and 20 are amended. Of such, claims 1-9 represent a system, claim 10 represents a method, claims 11-19 represent another system, and claim 20 represents another method directed to split keys for wallet recovery.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments, see pages 8-9, filed  on June 23, 2022, with respect to the rejections of claims 1-20 in view of Setty, Patin, and Machani have been fully considered and are persuasive.  Therefore the rejection has been withdrawn. However, upon further consideration, a new grounds of rejection is made in view of Setty, Patin, Machani, in further view of Sierra et al. (US 11057210).
Claim Objections
The objection to the disclosure for informalities is withdrawn in light of the amendments to the
Claims.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 6-12, 14-16, 18, 20 are rejected under 35 U.S.C. 103 as being unpatentable by Setty et al (US Patent Application Publication 2018/0375653) hereinafter referred to as Setty, in view of Sierra et al. (US 11057210), hereinafter referred to as Sierra. 
	Regarding Claim 1, Setty discloses:
A system for key recovery (In ¶ 3, Setty discloses “In accordance with one or more aspects, a key recovery policy for a protected key is obtained”), comprising: an interface configured to (In ¶ 135, Setty discloses “The one or more input/output interface(s) 708 are representative of functionality to allow a user to enter commands and information to computing device 702”): receive a request to recover a user private key (In ¶ 25, Setty discloses “The key recovery policy 112 can be created by a user or administrator of the client device 102, by an employer or manager of an organization that owns the client device”); and a processor configured to (In ¶ 133, Setty discloses “The processing system 704 is representative of functionality to perform one or more operations using hardware”): provide a request to a credential issuing authority for a first recovery key share, wherein the request includes a first identification credential (In ¶ 155, Setty discloses “the method being implemented in a recovering authority device, the attempting to obtain the decrypted key shares comprising sending, to a leaf agent, a request for the decrypted key share associated with the leaf agent”), and wherein the first recovery key share is encrypted using a credential issuing authority public key associated with the credential issuing authority (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated”); receive the first recovery key share from the credential issuing authority (In ¶ 30, Setty further discloses “The recovering authority device 108 receives the decrypted shares from the leaf agent devices”); provide a request to a trusted organization for a second recovery key share, wherein the request includes a second identification credential (In ¶ 155, Setty discloses “the method being implemented in a recovering authority device, the attempting to obtain the decrypted key shares comprising sending, to a leaf agent, a request for the decrypted key share associated with the leaf agent”), and wherein the second recovery key share is encrypted using a trusted organization public key associated with the trusted organization (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated”); receive the second recovery key share from the trusted organization (In ¶ 30, Setty further discloses “The recovering authority device 108 receives the decrypted shares from the leaf agent devices”); combine the first recovery key share and the second recovery key share to determine a recovered encryption key (In ¶ 153, Setty discloses “determining whether two leaf agents that make up the node are combined using a logical AND operation or a logical OR operation”); and determine the user private key using the recovered encryption key and an encrypted backup copy of the user private key (In ¶ 153, Setty discloses “in response to the two leaf agents being combined using the logical OR operation, providing a same key share of the protected key to each of the two leaf agents, and in response to the two leaf agents being combined using the logic AND operation generating two key shares that can be multiplied together to generate the protected key”).
However, Setty does not explicitly disclose the limitation of providing the encrypted share back to the agent. 
Sierra discloses:
and is provided to the credential issuing authority (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”)
and is provided to the trusted organization (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Setty’s approach by utilizing Sierra’s approach of returning the encrypted shares back to the agent as the motivation would be to that returning the encrypted shares to the agents would increase security of the shares by further distributing the shares rather than consolidating them in a single server (See Sierra ¶ 87).
 Regarding Claim 6, the combination of Setty and Sierra disclose:
The system of claim 1, wherein the processor is further configured to determine the trusted organization (In ¶ 3, Setty discloses “Based on the key recovery policy, multiple key shares of the protected key are generated, and ones of the multiple key shares are associated with ones of the multiple leaf agents based at least in part on the key recovery policy”).
	Regarding Claim 7, the combination of Setty and Sierra disclose:
	The system of claim 1, wherein the trusted organization comprises an employer human resources management system (In ¶ 1, Setty discloses “By way of another example, a government or law enforcement agency may require access to encrypted data, yet may not have access to the user's decryption key” (Government or law enforcement agencies comprise Human Resource departments)).
	Regarding Claim 8, the combination of Setty and Sierra disclose:
	The system of claim 1, wherein the processor is further configured to encrypt the user private key using a local encryption key (In ¶ 19, Setty discloses “The client device 102 is associated with a client (e.g., a user, organization, etc.) that desires to protect information (e.g., data, programs, communications channels, etc.) using a key that is protected based on a key recovery policy 112. This key is referred to as the protected key 114.”).
	Regarding Claim 9, the combination of Setty and Sierra disclose:
	The system of claim 1, wherein the processor is further configured to retrieve an identifier document from a decentralized ledger corresponding to the user private key (In ¶ 15, Setty discloses “The client device also optionally generates a proof that the encrypted shares from each appropriate one or combination of leaf agents (as indicated by the recovery policy) can indeed be used to recover the protected key”).
Regarding Claim 10, Setty discloses:
A method for key recovery (In ¶ 3, Setty discloses “In accordance with one or more aspects, a key recovery policy for a protected key is obtained”), comprising: receiving a request to recover a user private key (In ¶ 25, Setty discloses “The key recovery policy 112 can be created by a user or administrator of the client device 102, by an employer or manager of an organization that owns the client device”); providing, using a processor, a request to a credential issuing authority for a first recovery key share, wherein the request includes a first identification credential  (In ¶ 155, Setty discloses “the method being implemented in a recovering authority device, the attempting to obtain the decrypted key shares comprising sending, to a leaf agent, a request for the decrypted key share associated with the leaf agent”), and wherein the first recovery key share is encrypted using a credential issuing authority public key associated with the credential issuing (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated”); receiving the first recovery key share from the credential issuing authority (In ¶ 30, Setty discloses “The recovering authority device 108 receives the decrypted shares from the leaf agent devices”); providing a request to a trusted organization for a second recovery key share, wherein the request includes a second identification credential  (In ¶ 155, Setty discloses “the method being implemented in a recovering authority device, the attempting to obtain the decrypted key shares comprising sending, to a leaf agent, a request for the decrypted key share associated with the leaf agent”), and wherein the second recovery key share is encrypted using a trusted organization public key associated with the trusted organization (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated”); receiving the second recovery key share from the trusted organization (In ¶ 30, Setty discloses “The recovering authority device 108 receives the decrypted shares from the leaf agent devices”); combining the first recovery key share and the second recovery key share to determine a recovered encryption key (In ¶ 153, Setty discloses “determining whether two leaf agents that make up the node are combined using a logical AND operation or a logical OR operation”); and determining the user private key using the recovered encryption key and an encrypted backup copy of the user private key (In ¶ 153, Setty discloses “in response to the two leaf agents being combined using the logical OR operation, providing a same key share of the protected key to each of the two leaf agents, and in response to the two leaf agents being combined using the logic AND operation generating two key shares that can be multiplied together to generate the protected key”).
However, Setty does not explicitly disclose the limitation of providing the encrypted share back to the agent. 
Sierra discloses:
and is provided to the credential issuing authority (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”)
and is provided to the trusted organization (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Setty’s approach by utilizing Sierra’s approach of returning the encrypted shares back to the agent as the motivation would be to that returning the encrypted shares to the agents would increase security of the shares by further distributing the shares rather than consolidating them in a single server (See Sierra ¶ 87).
Regarding Claim 11, Setty discloses:
	A system for key storage (In ¶ 21, Setty discloses “The service 104 is a storage or escrow service that stores or otherwise maintains encrypted key shares”), comprising: an interface configured to: receive an indication to create a credential issuing authority encrypted recovery encryption key share and a trusted organization encrypted recovery encryption key share (In ¶ 25, Setty discloses “The key recovery policy 112 can be created by a user or administrator of the client device 102, by an employer or manager of an organization that owns the client device”); and a processor configured to (In ¶ 157, Setty discloses “the multiple instructions further causing the processor to use a Decisional Diffie-Hellman assumption as a basis for generating the multiple key shares and encrypting each of the multiple shares of the key”): create two recovery encryption key shares based at least in part on a recovery encryption key (In ¶ 27, Setty discloses “The client device 102 creates multiple shares of the protected key 114 for the leaf agents such that shares from the combination(s) of leaf agents specified in the key recovery policy”); determine a credential issuing authority public key associated with a credential issuing authority (In ¶ 3, Setty discloses “Based on the key recovery policy, multiple key shares of the protected key are generated, and ones of the multiple key shares are associated with ones of the multiple leaf agents based at least in part on the key recovery policy”); encrypt a first recovery encryption key share using the credential issuing authority public key to generate a credential issuing authority encrypted recovery encryption key share, wherein the credential issuing authority public key is associated with the credential issuing authority (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated; and send the encrypted key shares to a service for storage”); determine a trusted organization and an associated trusted organization public key (In ¶ 3, Setty discloses “Based on the key recovery policy, multiple key shares of the protected key are generated, and ones of the multiple key shares are associated with ones of the multiple leaf agents based at least in part on the key recovery policy”); encrypt a second recovery encryption key share using the trusted organization’s public key to generate a trusted organization encrypted recovery encryption key share, wherein the credential issuing authority public key is associated with the credential issuing authority; (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated; and send the encrypted key shares to a service for storage”).
However, Setty does not explicitly disclose the limitation of providing the encrypted share back to the agent. 
Sierra discloses:
and provide the trusted organization encrypted recovery encryption key share to the trusted organization (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”); provide the credential issuing authority encrypted recovery encryption key share to the credential issuing authority (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Setty’s approach by utilizing Sierra’s approach of returning the encrypted shares back to the agent as the motivation would be to that returning the encrypted shares to the agents would increase security of the shares by further distributing the shares rather than consolidating them in a single server (See Sierra ¶ 87).
Regarding Claim 12, the combination of Setty and Sierra disclose:
The system of claim 11, wherein the processor is further configured to create a user private key (In ¶ 25, Setty discloses “The protected key 114 can be generated by the client device 102 and/or obtained from another device or service (e.g., a trusted key generation service accessible to the client device”).
	Regarding Claim 14, the combination of Setty and Sierra disclose:
The system of claim 11, wherein the processor is further configured to create the recovery encryption key (In ¶ 3, Setty discloses “multiple key shares of the protected key are generated”).
	Regarding Claim 15, the combination of Setty and Sierra disclose:
	The system of claim 14, wherein the processor is further configured to encrypt the user is private key using the recovery encryption key to create an encrypted private key (In ¶ 3, Setty discloses “Each of the multiple shares of the key is encrypted with a public key of a public/private key pair of the leaf agent with which the key share is associated”).
	Regarding Claim 16, the combination of Setty and Sierra disclose:
The system of claim 15, wherein the processor is further configured to provide the encrypted private key to the credential issuing authority (In ¶ 27, Setty discloses “The client device 102 creates multiple shares of the protected key 114 for the leaf agents such that shares from the combination(s) of leaf agents specified in the key recovery policy”).
	Regarding Claim 18, the combination of Setty and Sierra disclose:
The system of claim 11, wherein the processor is further configured to determine the trusted organization (In ¶ 3, Setty discloses “Based on the key recovery policy, multiple key shares of the protected key are generated, and ones of the multiple key shares are associated with ones of the multiple leaf agents based at least in part on the key recovery policy”).
Regarding Claim 20, Setty discloses:
A method for key storage (In ¶ 21, Setty discloses “The service 104 is a storage or escrow service that stores or otherwise maintains encrypted key shares.”), comprising:  receiving an indication to create a credential issuing authority encrypted recovery encryption key share and a trusted organization encrypted recovery encryption key share (In ¶ 25, Setty discloses “The key recovery policy 112 can be created by a user or administrator of the client device 102, by an employer or manager of an organization that owns the client device”); creating, using a processor, two recovery encryption key shares based at least in part on a recovery encryption key (In ¶ 27, Setty discloses “The client device 102 creates multiple shares of the protected key 114 for the leaf agents such that shares from the combination(s) of leaf agents specified in the key recovery policy”); determining a credential issuing authority public key associated with a credential issuing authority (In ¶ 3, Setty discloses “Based on the key recovery policy, multiple key shares of the protected key are generated, and ones of the multiple key shares are associated with ones of the multiple leaf agents based at least in part on the key recovery policy”); encrypting a first recovery encryption key share using the credential issuing authority public key to generate a credential issuing authority encrypted recovery encryption key share, wherein the credential issuing authority public key is associated with the credential issuing authority (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated; and send the encrypted key shares to a service for storage”); determining a trusted organization and an associated trusted organization public key (In ¶ 3, Setty discloses “Based on the key recovery policy, multiple key shares of the protected key are generated, and ones of the multiple key shares are associated with ones of the multiple leaf agents based at least in part on the key recovery policy”); encrypt a second recovery encryption key share using the trusted organization public key to generate a trusted organization encrypted recovery encryption key share, wherein the trusted organization public key is associated with the trusted organization (In ¶ 156, Setty discloses “encrypt each of the multiple shares of the key with a public key of a public/private key pair of the leaf agent with which the key share is associated; and send the encrypted key shares to a service for storage”).
However, Setty does not explicitly disclose the limitation of providing the encrypted share back to the agent. 
Sierra discloses:
providing the credential issuing authority encrypted recovery encryption key share to the credential issuing authority  (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”); and providing the trusted organization encrypted recovery encryption key share to the trusted organization  (In ¶ 26, Sierra discloses “At block 314, user device 202 can send a different key share KSi to each shareholder device 208(i) (for 1≤i≤M), e.g., by operation of key distribution module 234. In some embodiments, each shareholder device 208(i) can securely store its respective share KSi to protect against data theft”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Setty’s approach by utilizing Sierra’s approach of returning the encrypted shares back to the agent as the motivation would be to that returning the encrypted shares to the agents would increase security of the shares by further distributing the shares rather than consolidating them in a single server (See Sierra ¶ 87).

Claims 2-4, 13, 19 are rejected under 35 U.S.C. 103 as being unpatentable over Setty et al (US Patent Application Publication 2018/0375653), hereinafter referred to as Setty, in view of Sierra et al. (US 11057210), hereinafter referred to as Sierra, in further view of Patin (US Patent 10439812), hereinafter referred to as Patin.
Regarding Claim 2, the combination of Setty and Sierra disclose all the elements of the current invention as detailed with respect to claim 1 as referenced above. 
However, Setty and Sierra do not explicitly disclose the association of an email address with the private key.
Patin discloses wherein the request to recover the user private key is associated with an email address (In ¶ 31, Patin discloses “Alternatively, the user private key 152 and/or supplemental recovery information may be hashed or otherwise scrambled to produce a derivative, such as the recovery seed 154. Examples of supplemental recovery information include a user identifier, a user password, an email address, answers to account recovery queries, etc.”).
One of ordinary skill in the art of cryptography would be motivated, before the effective filing
date of the claimed invention to utilize Patin’s approach of associating an email address with the private key as the motivation would be that it would be a useful mechanism as an identifier to recover the private key (See Patin ¶ 31).
Regarding Claim 3, the combination of Setty and Sierra disclose all the elements of the current invention as detailed with respect to claim 1 as referenced above. 
However, Setty and Sierra do not explicitly disclose the recording of a user image and a user identification image.
Patin discloses wherein the processor is further configured to record a user image and a user identification image (In ¶ 14, Patin discloses “According to various embodiments, the user-specified recovery information may include any combination of a plurality of user-specified answers to a plurality of user-specified secret questions, digitized biometric information of the user, and/or subscription information provided by an account security service, which may be a part of or separate from the key recovery computing system”).
One of ordinary skill in the art of cryptography would be motivated, before the effective filing
date of the claimed invention to utilize Patin’s approach of utilizing a user image or user identification image as the motivation would be that biometrics increase the level of entropy to recover the private key (See Patin ¶ 27).
Regarding Claim 4, the combination of Setty and Sierra disclose all the elements of the current invention as detailed with respect to claim 1 as referenced above. 
However, Setty and Sierra do not explicitly disclose one of the following identification credentials.
Patin discloses wherein the second identification credential comprises one or more of the following: the identification validation credential, a password, a human resources system knowledge challenge, a last two digits of a last two paychecks, a most recent performance rating, and/or a number of coworkers on a team  (In ¶ 31, Patin discloses “Alternatively, the user private key 152 and/or supplemental recovery information may be hashed or otherwise scrambled to produce a derivative, such as the recovery seed 154. Examples of supplemental recovery information include a user identifier, a user password, an email address, answers to account recovery queries, etc.”).
One of ordinary skill in the art of cryptography would be motivated, before the effective filing
date of the claimed invention to utilize Patin’s approach of associating an email address with the private key as the motivation would be that it would be a useful mechanism as an identifier to recover the private key (See Patin ¶ 31).
Regarding Claim 13, the combination of Setty and Sierra disclose all the elements of the current invention as detailed with respect to claim 1 as referenced above. 
However, Setty and Sierra do not explicitly disclose the recording of a user image and a user identification image.
Patin discloses wherein the processor is further configured to record a user image and a user identification image (In ¶ 14, Patin discloses “According to various embodiments, the user-specified recovery information may include any combination of a plurality of user-specified answers to a plurality of user-specified secret questions, digitized biometric information of the user, and/or subscription information provided by an account security service, which may be a part of or separate from the key recovery computing system”).
One of ordinary skill in the art of cryptography would be motivated, before the effective filing
date of the claimed invention to utilize Patin’s approach of utilizing a user image or user identification image as the motivation would be that biometrics increase the level of entropy to recover the private key (See Patin ¶ 27).
Regarding Claim 19, the combination of Setty and Sierra disclose all the elements of the current invention as detailed with respect to claim 18 as referenced above. 
However, Setty and Sierra do not explicitly disclose querying the trusted organization using an identification validation credential.
Patin discloses wherein the trusted organization is determined by querying the credential issuing authority using an identification validation credential (In ¶ 31, Patin discloses “Alternatively, the user private key 152 and/or supplemental recovery information may be hashed or otherwise scrambled to produce a derivative, such as the recovery seed 154. Examples of supplemental recovery information include a user identifier, a user password, an email address, answers to account recovery queries, etc.”).
One of ordinary skill in the art of cryptography would be motivated, before the effective filing
date of the claimed invention to utilize Patin’s approach of associating an email address with the private key as the motivation would be that it would be a useful mechanism as an identifier to recover the private key (See Patin ¶ 31).

Claims 5 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Setty et al (US Patent Application Publication 2018/0375653), hereinafter referred to as Setty, in view of Sierra et al. (US 11057210), hereinafter referred to as Sierra, in further view of Machani et al (US Patent 10516527), hereinafter referred to as Machani.
Regarding Claim 5, Setty and Sierra disclose all the elements of the current invention as detailed with respect to claim 1 as referenced above. 
However, Setty and Sierra do not explicitly disclose a token share.
Machani discloses wherein the processor is further configured to receive an 25encrypted key request token with the first recovery key share from the credential issuing authority (In ¶ 60, Machani discloses “FIG. 7 illustrates a secret sharing process 700 whereby a given user can share data 710 among a plurality of devices 110-A and 110-B of the given user. The data 710 may comprise, for example, login credentials (e.g., username/password) for personal and business web based and native applications; authentication access tokens, for example”).
One of ordinary skill in the art of cryptography would be motivated, before the effective filing
date of the claimed invention to utilize Machani’s approach of utilizing tokens in data sharing between entities as the motivation would be the web token would be more secure to transfer data between two parties (See Machani ¶ 3).
Regarding Claim 17, Setty and Sierra disclose all the elements of the current invention as detailed with respect to claim 11 as referenced above. 
However, Setty and Sierra do not explicitly disclose discarding the recovery encryption key after the key shares are generated.
Machani discloses wherein the processor is further configured to discard the recovery encryption key after creating the two recovery encryption key shares  (In ¶ 19, Machani discloses “The client deletes the data protection private key 120.sub.priv from memory following the key splitting 200”).
One of ordinary skill in the art of cryptography would be motivated, before the effective filing
date of the claimed invention to utilize Machani’s approach of deleting the recovery private key from memory when the key splitting is complete as the motivation would be to prevent leakage of unused data  (See Machani ¶ 2).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Opera et al. (US Publication Number 2015/0242616) discloses a method for credential recovery with the assistance of trusted entities. 
Ryhorchuck et al. (US Publication Number 2015/0254463) discloses a system and method for a key recovery module utilizing a certified public key associated with a key-pair.
Boneh et al. (US Publication Number 2003/0081785) discloses a system and method for identity-based encryption and cryptographic techniques. 
Johnson et al. (US Patent Number 5,796,830) discloses a method for cryptographic key recovery that is interoperable with existing systems for establishing keys between communicating parties. 
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHADI H KOBROSLI whose telephone number is (571)272-1952. The examiner can normally be reached M-F 9am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHADI H KOBROSLI/Examiner, Art Unit 2492                                                                                                                                                                                                        

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492