DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This application is in condition for allowance except for the following formal matters: 
This application is in condition for allowance except for the presence of claims 8-10 and 13 directed to an invention non-elected with traverse in the reply filed on 8/11/2022. Applicant is given TWO (2) MONTHS from the date of this letter to cancel the noted claims or take other appropriate action (37 CFR 1.144). Failure to take action during this period will be treated as authorization to cancel the noted claims by Examiner’s Amendment and pass the case to issue. Extensions of time under 37 CFR 1.136(a) will not be permitted since this application will be passed to issue.
The prosecution of this case is closed except for consideration of the above matter.

Applicant's election with traverse of Invention I (claims 1-7 and 12) in the reply filed on 8/11/2022 is acknowledged.  The traversal is on the grounds that there is no serious search burden.  A separate search being required does not demonstrate this serious burden.  In fact, there is no reason to believe that any serious additional search would be required in the circumstance described by the Restriction Requirement.  The claims in the two restricted groups have limitations that almost perfectly compliment each other, such that a search involving a limitation in a claim in one group necessarily involves the complementary limitation in the corresponding claim in the second group.  For instance, the Restriction Requirement does not explain why a separate search would be needed for claim 8’s limitation of “checking the validity of the challenge based on a random value” if a search for claim 1’s limitation “checking the validity of the challenge based on the random value” has already been performed.  Likewise, the Restriction Requirement does not explain why a search would be needed for any of claim 8’s limitations of “providing the challenge to the device,” “obtaining an auxiliary value from the device,” providing the random value to the device,” and “obtaining a response from the device,” if a search for claim 1’s complementary limitations of “obtaining a challenge from a host,” “providing an auxiliary value to the host,” “obtaining a random value from the host,” and “providing the response to the host...” has
already been performed. The Restriction Requirement makes no attempt whatsoever to show that any additional search burden or examination burden would be ‘serious.” In particular, it does not show a
separate classification, different status, or different field of search that would apply. This is in stark contrast to the requirements set forth by the MPEP, which states that “restriction is only
 proper when there would be a serious burden if restriction were not required, as evidenced by separate classification, status, or field of search.” (MPEP 806.05(d).)  The Restriction Requirement also fails to support its contention that “at least one subcombination is separately usable.” The Restriction Requirement asserts that “subcombination I has separate utility such as providing a response,” but this is simply a conclusory allegation. The Restriction Requirement does not explain how the method of claim 1, which provides a response in a “challenge-response” negotiation between a device and a host, could be used separately from the method of claim 8, which provides the challenge and receives the resulting
response.
This is not found persuasive for the following reasons:
The Examiner notes that there are two different inventive concepts being claimed in the two different groups.  In Invention I (claim 1, for example), the inventive concept is drawn to checking the validity of the challenge based on the random value, and providing the response to the host only if the challenge is valid.  This is a method for a way to check the validity of the challenge before providing the response.  In Invention II on the other hand (claim 8, for example), the inventive concept is drawn to authenticating a device based on a response corresponding to an auxiliary value.  These are two entirely different fields of search.  Invention I’s field of search is drawn to when to provide a response, and Invention II’s field of search is drawn to a way to authenticate a device.  Therefore, a serious search burden does between the two groups.  This is further demonstrated by the fact that Invention I has been searched by the Examiner and is found to be allowable, based on allowable subject matter which is not found in Invention II (specifically, checking validity of the challenge based on the random value and providing the response to the host only if the challenge is valid, see reasons for allowance below).  A separate search would be required to determine allowability, which would correspond to the specific way of authenticating a device claimed in Invention II.  Therefore, there is a serious search burden.  In addition, Invention I does have a separate utility, as shown above, which is the determination of when to provide a response.  Invention II also has a separate utility, which is authenticating a device.
The requirement is still deemed proper and is therefore made FINAL.

Allowable Subject Matter
Claims 1-7, 11, and 12 are allowed.
The following is an examiner’s statement of reasons for allowance: The closest prior art is:
Ruane et al. (US 2021/0243035) which teaches: At 320, the security component 113 validates the digital signature 314 based on the challenged data 302 using the public key 300. If the security component 113 determines that the digital signature 314 is invalid, authentication fails. Otherwise, if the security component 113 determines that the digital signature 314 is valid, the security component 113 verifies the enablement data 308, at 322. As will be discussed in further detail below, the verifying of the enablement data 308 can include verifying a length of the cryptographic nonce 303 included in the enablement data 308; verifying that the challenge data included in the enablement data 308 matches the challenge data 302; and in some embodiments, verifying that the password 312 is valid - see [0041].
Benson et al. (US 10,965,474) which teaches: In some embodiments, the challenge 465 includes a verification value (e.g., an unlock secret key, a random number, etc.) that is encrypted such that only the security device is able to decrypt and return the verification value. For example, in some embodiments, the challenge is encrypted using a shared key that is generated (e.g., using an elliptic curve Diffie-Hellman (ECDH) protocol) based on a combination of public values (e.g., keys) that are exchanged between the target and security devices, and private secret values unique to the target and security devices. In other embodiments, the challenge 465 is encrypted using a public key of the security device such that the encrypted challenge 465 can only be decrypted (e.g., using a RSA protocol) with a private secret key embedded in the security device 410 - see column 12 line 60 - column 13 line 6.
Robshaw et al. (US 10,121,033) which teaches: To authenticate a tag in these embodiments, the reader interrogates the tag to determine the tag identifier, challenges the tag with a random number or string, receives a response from the tag, and then sends the identifier, challenge, and response to the verification authority. In some applications, each individual RFID tag or group of tags will contain a distinct key, and the verification authority can determine which key a particular tag employs by using the identifier as a table lookup or input to an algorithmic key generator. The tag computes its response from at least the challenge and the key, typically using a cryptographic algorithm. In some applications the tag may add some tag-generated randomness to the reader's challenge to enhance the security of the challenge-response algorithm. Because the verification authority must be able to reconstruct the challenge that the tag used in its computations, in these latter applications the tag either sends its tag-generated randomness to the reader for relaying to the verification authority, or provides sufficient information in its identifier and response for the verification authority to determine the tag-generated randomness algorithmically. In some applications, to further enhance security, the tag may encrypt its tag-generated randomness in an Initial Value (IV) and send the IV to the reader for relaying to the verification authority. In yet other applications the verification authority will generate the challenge and send it to the reader for relaying to the tag - see column 5 line 56 - column 6 line 15.
Buckley et al. (US 2017/0134444) which teaches: the second nonce is a construct of various sets of data that are similar to the 1st nonce. The use of such second nonce is merely for illustrative purposes and one skilled in the art will appreciate that what is important is that the second nonce contains a challenge and additional data to verify if the challenge has come from a legitimate source - see [0168].
Bessis et al. (US 2012/0180119) which teaches: Responsive to this fake authentication challenge, the UE must reply with a second registration request including the nonce and the challenge response. In one embodiment, the SIP firewall will confirm an association between the challenge response and the corresponding fake authentication challenge by verifying the nonce (but not the challenge response, since it is a fake request) before opening a registration window to the protected node. In such manner, the SIP firewall forces the UE to be in a "stateful" mode and to use a valid IP address in order to mount a successful attack, which makes an attack extremely difficult and costly - see [0023].
However, the prior art does not teach or suggest checking the validity of the challenge based on a random value, and providing the response to the host only if the challenge is valid.  
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LISA C LEWIS whose telephone number is (571)270-7724. The examiner can normally be reached Monday - Thursday 7am-2pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/LISA C LEWIS/Primary Examiner, Art Unit 2495