DETAILED ACTION
Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
This application filed on 07/29/2020 Claims Priority from Provisional Application 62879642, filed on 07/29/2019.

Claim Objections

Claim 1 is objected to because of the following informalities: On line 10, claim 1 recites the following limitation, “using second user input”. The office recommends replacing this claim limitation with “using a second user input” in order to clarify the claim.  

Appropriate correction is required.

Claim 12 is objected to because of the following informalities: On line 1, claim 12 recites the following limitation, “A method for retrieving stored data of a user”. The office recommends replacing this claim limitation with “A method for retrieving a stored data of a user” in order to clarify the claim. 

 Appropriate correction is required.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1 and associated dependent claims are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. 

On claim 1, line 12 the following claim limitation is recited. “a computationally irreversible function” This raises a question whether or not this claim limitation is referring to same claim limitation recited on line 7. This makes the claim ambiguous and not clear.  For this reason, the scope of the claim can’t be determined and this makes the claim indefinite. The office recommends replacing the claim limitation recited on line 12 as “using the computationally irreversible function” and the office interpreted this claim likewise. 

Appropriate correction is required.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 

Claims 1 is rejected under 35 U.S.C. 102(a) (2) as being anticipated by Eigner et al. (US Patent No.: 10,657,283 B2), hereinafter referenced as Eigner.

Regarding claim 1, Eigner teaches a method of sending previously stored data of a user to a user computing device (Fig. 1. Col 2, Line [35-36]-Eigner discloses According to various embodiments, there is provided a method for retrieving a first data object), the stored data being stored in a storage system by the user computing device (Fig. 1. Col 6, Line [50-54]-Eigner discloses the first data store 140 may be a local data store including, for example, but not limited to, an internal hard drive, a portal storage device (e.g., a universal serial bus (USB) flash drive, external hard drive), and any combination thereof.), comprising: receiving, at the storage system, a first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]) from the user computing device (Fig. 5. Col 9, Line [12-23]-Eigner discloses the secure platform 120 obfuscates the original record locator for each of the plurality of fragments to generate an obfuscated record locator for each of the plurality of fragments (214). As will be described in further details, the secure platform 120 can alter and/or obfuscate an original record locator RLi, for each fragment fi, of the plurality of fragments f1 ... fn to generate an obfuscated record locator RLi' based on one or more variable storage parameters including, for example, but not limited to, a username, the user passphrase, a current security model, a type of the data object, a size of the data object, security requirements, and performance requirements.), the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]) being generated using a first user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]), the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30])  being an integer value (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string) and being derived using a computationally irreversible function such that the first user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) is not derivable from the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30])  (Fig. 5. Col 9, Line [12-23]-Eigner discloses the secure platform 120 may obfuscate the altered original record locator RL, by applying a one-way obfuscation function including, for example, but not limited to, a hashing function (e.g., SHA-256). The secure platform 120 can generate and/or vary the                                                                                                                                                                          input of the one-way function (e.g., SHA-256) based on one), the storage system previously storing the stored data (Fig. 1, #140 is called first data store, Col 5, Line [37]) to be retrieved and a second indexical component (Fig. 4B, #425 is called second obfuscated Record Locator, Col 16, Line [28-30]) associated with the stored data (Fig. 4A-4B. Col 18, Line [12-15]-Eigner discloses the second fragment 420 is encrypted to generate a second encrypted fragment 615, which is associated and stored with the second obfuscated record locator 425.) the second indexical component being an integer value (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string) determined using second user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and a first input obtained from a (Secure Platform 120) custodial entity, (Fig. 6A-B. Col 8, Line [41-48]-Eigner discloses the secure platform 120 can combine (e.g., concatenate in a particular order) the original record locator and/or the variable storage parameters associated with each fragment fi, ( e.g., username, user passphrase, current security model, data object type, and data object name) and execute a function (e.g., SHA-512) on the combination to generate an encryption key ei, for each fi.) the second indexical component (Fig. 4B, #425 is called second obfuscated Record Locator, Col 16, Line [28-30]) being derived using a computationally irreversible function such that the second user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and the first input (Fig. 4B, #410 is called first fragment, Col 16, Line [23]) obtained from the custodial entity (Secure platform 120) are not derivable from the second indexical component (Fig. 5. Col 17, Line [31-35]-Eigner discloses the secure platform 120 may combine (e.g.,concatenate in a certain order) the one or more variable storage parameters and execute a hashing function ( e.g., SHA-512) on the combination to generate at least one input to the one-way obfuscation function.);
receiving, at the storage system (Fig. 1, #160 is called third data store, Col 5, Line [38]), a third indexical component (Fig. 4B, #435 is called third obfuscated Record Locator, Col 16, Line [38])  from the user computing device (Fig. 4A-B. Col 16, Line [31-35]-Eigner discloses one or more original record locators (e.g., the first record locator 460, the second record locator 470, and the third record locator 480) have been obfuscated to generate unique obfuscated record locators for each of the first fragment 410, the second fragment 420, the third fragment 430, the fourth fragment 440, and the fifth), (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string)), the third indexical component (Fig. 4B, #435 is called third obfuscated Record Locator, Col 16, Line [38]) being an integer value (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string) generated by the user computing device (Fig. 1, #110 is called user device, Col 4, Line [28]) using the first user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and the first input (Fig. 4B, #410 is called first fragment, Col 16, Line [23])  obtained from the custodial entity (Secure Platform 120) such that the first user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and the first input (Fig. 4B, #410 is called first fragment, Col 16, Line [23]) obtained from the custodial entity (Secure Platform 120) are not derivable solely from the third indexical component integer (Fig. 6A-B. Col 8, Line [41-48]-Eigner discloses the secure platform 120 can combine (e.g., concatenate in a particular order) the original record locator and/or the variable storage parameters associated with each fragment fi, ( e.g., username, user passphrase, current security model, data object type, and data object name) and execute a function (e.g., SHA-512) on the combination to generate an encryption key ei, for each fi.);

locating, at the storage system stored data (Fig. 1, #140 is called first data store, Col 5, Line [37]), a storage location of the stored data using the first (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]) , second (Fig. 4B, #425 is called second obfuscated Record Locator, Col 16, Line [28-30]) and third indexical components (Fig. 4B, #435 is called third obfuscated Record Locator, Col 16, Line [38]) (Fig. 14. Col 14, Line [10-19]-Eigner discloses the secure platform 120 can identify the storage location Si, (e.g., server and collection) at which each encrypted fragment ei,fi, of the decomposed data object is stored based on one or more variable storage parameters including, for example, but not limited to, a username, the user passphrase, a current security model, a type of the data object, a size of the data object, security requirements, performance requirements, and the original record locator RL, associated with each fragment of the decomposed data object.); 
and accessing (Col 20, Line [17-20]-Eigner discloses each data layer may be secured by a single encryption key. As such, the first encryption key 810 is the only encryption key required to provide access to the second encryption key 815 residing in a first data layer L1.), with the storage system (FIG. 1, #140, #150, #160… are the storage locations), the stored data from the storage location and sending the stored data to the user computing device (Fig. 10. Col 14, Line [39-46]-Eigner discloses based on the information provided by the data map and/or dynamically derived through one or more calculations, the secure platform 120 can retrieve each fragment fi, from a storage location Si, at which the fragment is fi stored. The secure platform 12 can further decrypt each fragment fi using the corresponding encryption key ei and reconstruct the original data object from the fragments f1 ... fn.).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 2 is rejected under 35 U.S.C. 103 as being unpatentable over Eigner et al. (US Patent No.: 10,657,283 B2), hereinafter referenced as Eigner in view of Yi et al. (US 2008/0181413 Al), hereinafter referenced as Yi.


Regarding claim 2, Eigner in view of Stern teaches the method of claim 1, Eigner in view of Stern fails to explicitly teach further comprising comparing the first indexical component to a product of the second indexical component and the third indexical component and only sending the stored data if the third indexical component matches the product of the second indexical component and the third indexical component
However, Yi explicitly teaches further comprising comparing the first indexical component to a product of the second indexical component and the third indexical component and only sending the stored data if the third indexical component matches the product of the second indexical component and the third indexical component (Fig. 4. Para. [0066-0071]-Yi discloses The random symmetric matrix has the private key as a first element and is a txt-sized matrix in which the remaining elements are represented as D,,1E(O,cp(N)- l ), where cp(N) is represented as cp(N)=(p-1 )( q-1) of an Euler function, and N denotes the product of the two prime numbers p and q…At block S401, a dealer node generates a public key and a private key using two prime numbers. The two prime numbers p and q are used as an RSA parameter in order to generate public keys e and N and a secret key d.). (According to the Yi teaching, it explains how to retrieve a stored data at a specific location in the database, by generating a key share for each specific node applying the Euclidean algorithm for example: N = p*q).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yin’s system into Eigner’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to provide a distributed Rivest Shamir Adleman (RSA) signature generation method in an ad-hoc network, and a node of an ad-hoc network, which can distribute key share information, which is generated using a maximum distance separable (MDS) code and a random symmetric matrix, to a node configuring the ad-hoc network, and can generate an RSA signature using a predetermined plurality of segments of the key share information, thereby sharing a distributed signature generation function without interaction among nodes. Aspects of the present invention also provide a distributed RSA signature generation method in an ad-hoc network, and a node of an ad-hoc network, which can determine validity with respect to a partial signature and key share information using a witness and a partial signature witness, thereby securely sharing a distributed signature generation function. (Yi, para. 0020-0021]).


Claims 3-6, 10 and 11, are rejected under 35 U.S.C. 103 as being unpatentable over Eigner et al. (US Patent No.: 10,657,283 B2), hereinafter referenced as Eigner in view of Stern (US-20060053288-A1), hereinafter referenced as Stern.

Regarding claim 3, Eigner in view of Stern teaches the method of claim 1, Eigner fails to explicitly teach wherein the second user input is derived using a key generation function that uses as input a user password or user biometric data.
However, Stern explicitly teaches wherein the second user input is derived using a key generation function that uses as input a user password or user biometric data. (Para. [0008]-Stern et al. discloses using personal cryptographic data that is intrinsic to its owner and therefore does not require a hardware storage means. This type of personal cryptographic data encompasses passwords memorized by their owner and biometric data, such as fingerprints and retinal images.) and (Para. [0020] and [0021]-Stern et al. further discloses the user enters his password in the workstation; the workstation converts the password into a symmetric encryption key by applying a hashing algorithm;).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stern’s system into Eigner ’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation of using personal cryptographic data that is intrinsic to its owner and therefore does not require a hardware storage means. This type of personal cryptographic data encompasses passwords memorized by their owner and biometric data, such as fingerprints and retinal images. (Stern, para. 0008]).


Regarding claim 4, Eigner in view of Stern teaches the method of claim 1, Eigner fails to explicitly teach wherein the first user input is a randomly generated integer.
However, Stern explicitly teaches wherein the first user input is a randomly generated integer. (Para. [0147]-Stern et al. discloses A randomly chooses an integer a modulo q; this choice is made uniformly between 0 and q-1 (inclusive).) and (Para. [0058]-Stern et al. further discloses said interface device chooses a first integer corresponding to a first element of a predefined group and said first server device chooses a second integer corresponding to a second element of said group).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stern’s system into Eigner ’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation of using the security of the Diffie-Hellman protocol is based on the difficulty in finding the integer a, because a is chosen randomly, from g" mod p. (Stern, para. 0155]).

Regarding claim 5, Eigner in view of Stern teaches the method of claim 1, Eigner fails to explicitly teach further comprising receiving from the user computing device a version of the digitally signed version of the first indexical component that is digitally signed by the custodial entity.
However, Stern explicitly teaches further comprising receiving from the user computing device a version of the digitally signed version (Para. [0109]-Stern et al discloses the device consists of an electronic mail management program, said means of using the personal cryptographic data comprising a cryptographic module for signing, encrypting and/or decrypting electronic mail using at least some of said personal cryptographic data.) of the first indexical component that is digitally signed by the custodial entity (Fig. 7, Para. [0161]-Stern discloses the interface device signs the public key PB using the private key KR and sends the signed public key PB and the certificate A to the key server 3.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stern’s system into Eigner ’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to reinforce the security of the personal data stored on the key server 3, the latter is preferably located in a location protected by shielding and/or access restrictions. (Stern, para. 0128]).

Regarding claim 6, Eigner in view of Stern teaches the method of claim 1, Eigner fails to explicitly teach wherein the first input obtained from the custodial entity is derived using a challenge-response protocol in which the custodial entity presents a challenge to the user of the user computing device to authenticate the user.
However, Stern explicitly teaches wherein the first input obtained from the custodial entity (Fig. 7, Para. [0133]-Stern discloses the user has his public key KB certified by a certification authority, which can be an independent entity (not shown) or the key server 3) is derived using a challenge-response protocol in which the custodial entity presents a challenge to the user of the user computing device to authenticate the user (Para. [0140]-Stern discloses the interface device sets up a secured communication with the key server 3 via the network 1. For this, the SSL standard protocol can be used, which ensures the confidentiality and integrity of the data exchanged between the interface device and the key server 3, as well as the authentication of the key server 3 with the interface device.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stern’s system into Eigner ’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation of the SSL standard protocol can be used, which ensures the confidentiality and integrity of the data exchanged between the interface device and the key server 3, as well as the authentication of the key server 3 with the interface device. (Stern, para. 0140]).

Regarding claim 10, Eigner in view of Stern teaches the method of claim 1, Eigner fails to explicitly teach wherein the second indexical component has previously been received from the user computing device.
However, Stern explicitly teaches wherein the second indexical component has previously been received from the user computing device (Para. [0100]-Stern discloses the key server 3 transmits to the interface device the public certificate CA, the public key PA and an electronic signature of the public key PA by the private key SR.) (According to the description from the specification of the prior art, one indexical component and a signed copy were received from user and held by custodian. Stern discloses the key server 3 (custodian), SR (indexical component) and electric signature of the public key (a signed copy)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stern’s system into Eigner ’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation of the code entered by the user of the interface device is used to authenticate the latter to the first server and the personal cryptographic data is sent to the user only when he has proved that he knows the authentic code, which prevents a third party from receiving the encrypted personal cryptographic data to try to break its encryption by systematic tests. (Stern, para. 0075]).

Regarding claim 11, Eigner in view of Stern teaches the method of claim 1, Eigner fails to explicitly teach wherein the second indexical component is further determined using the first user input, the second indexical component being derived using a computationally irreversible function such that the first user input, the second user input and the first input obtained from the custodial entity are not derivable from the second indexical component.
However, Stern explicitly teaches wherein the second indexical component is further determined using the first user input (Para. [0078]-Stern discloses said personal code verification data stored in the first server device comprising a similar transform of said authentic code.) (authentic code is similar to the first input from custodian), the second indexical component (Para. [0132]-Stern discloses a pair of keys formed by a public key KB and a corresponding private key KR is generated) (KR represents a location where data is stored, so, it is an indexical component) being derived using a computationally irreversible function such that the first user input, the second user input and the first input obtained from the custodial entity are not derivable from the second indexical component (Para. [0049] The deterministic function can be the identity function, in which case the first server device stores the authentic code itself. Advantageously, said deterministic function is a collision-resistant, irreversible function, in particular a cryptographic hashing function).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stern’s system into Eigner ’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation of the code entered by the user of the interface device is used to authenticate the latter to the first server and the personal cryptographic data is sent to the user only when he has proved that he knows the authentic code, which prevents a third party from receiving the encrypted personal cryptographic data to try to break its encryption by systematic tests. (Stern, para. 0075]).

Claims 7, 8 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Eigner et al. (US Patent No.: 10,657,283 B2), hereinafter referenced as Eigner in view of Murphy (US-20200005295-A1), hereinafter referenced as Murphy.
Regarding claim 7, Eigner in view of Murphy teaches the method of claim 1, Eigner fails to explicitly teach wherein the stored data represents one of a plurality of fragments of a private key of a user of the user computing device.
However, Murphy explicitly teaches wherein the stored data represents one of a plurality of fragments of a private key of a user of the user computing device (Para. [0259]-Murphy discloses fragments and/or identifiers may be stored in encrypted according to a single encryption key, encrypted according to multiple encryption keys, encrypted with different encryption keys or sets of encryption keys for the fragments and identifiers or unencrypted).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Murphy’s system into Stern’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to remove the direct interchange of location data between the two devices by having each device separately grant permissions to a single centralized system or separate portions of a de-centralized system which secure and hide the identity of the location data from the other device(s) pertaining to the transaction. (Murphy, para. 0132]).

Regarding claim 8, Eigner in view of Murphy teaches the method of claim 7, Eigner fails to explicitly teach further comprising repeating the receiving, locating and accessing steps for each remaining one of the fragments such that the stored data is able to be reassembled from all the fragments that are received by the user computing device.
However, Murphy explicitly teaches further comprising repeating the receiving, locating and accessing steps for each remaining one of the fragments such that the stored data is able to be reassembled from all the fragments that are received by the user computing device (Para. [0259]-Murphy discloses information transmitted between devices may be in a single message/packet of data or it may be fragmented over multiple messages/packets of data. Where multiple messages/packets of data are employed then these may be stored within different locations, in the same location but different memory or storage devices. Where multiple messages/packets of data are employed each message or packet of data may include an identifier such that the original information may be reconstructed from the multiple messages/packets of data due to these identifiers.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Murphy’s system into Stern’s system for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to remove the direct interchange of location data between the two devices by having each device separately grant permissions to a single centralized system or separate portions of a de-centralized system which secure and hide the identity of the location data from the other device(s) pertaining to the transaction. (Murphy, para. 0132]).

Regarding claim 9, Eigner in view of Murphy teaches the method of claim 8, Eigner explicitly teaches wherein the stored data is a private cryptographic key (Col. 2. Line [9-12]-Eigner discloses encrypting the first fragment using a first encryption key and the second fragment using a second encryption key; and storing, to at least a first of a plurality of storage locations.).


Claims 12-15 and 18, are rejected under 35 U.S.C. 103 as being unpatentable over Eigner et al. (US Patent No.: 10,657,283 B2), hereinafter referenced as Eigner in view of Stern (US-20060053288-A1), hereinafter referenced as Stern and further in view of Yi et al. (US 2008/0181413 Al), hereinafter referenced as Yi.


Regarding claim 12, Eigner in view of Stern teaches data A method for retrieving stored data of a user of a second user computing device (Fig. 1, #110 is called user device, Col 4, Line [28]), (Fig. 1. Col 4, Line [54-58]-Eigner discloses retrieve the data object as well as any metadata that may be associated with the data object by inputting, selecting, or otherwise invoking a getData() command through the UI provided via the user device 110.) the stored data being previously stored in a storage system (Fig. 1, #140 is called first data store, Col 5, Line [37]) by a first user computing device (Fig. 1, #110 is called user device, Col 4, Line [28]) (Fig. 1. Col 5, Line 1-3]-Eigner discloses between a user and the user's data object, portions of a data object, and portions of data objects stored at any one storage location).), comprising: 
Although, Eigner fails to explicitly teach generating, with the second computing device a second user input to be used to authenticate the user
However, Stern explicitly teaches generating, with the second computing device (Fig. 1, #4b is called interface device, Para. [0125]), a second user input (password P Para. [0137]) to be used to authenticate the user (Fig. 1, Para. [0062]-Stern discloses said at least one second server device using the authentication data of said user included in said personal cryptographic data.);
 Stern further teaches sending, from the second computing device, the second input to a custodial entity (Fig. 1, Para. [0066]-Stern discloses sending said encrypted content data to said at least one second server device to store said encrypted content data in said second server device and/or transmit it to a recipient.);
Stern teaches if the user is authenticated (Fig. 4, Para. [0062]-Stern discloses thus, the user of the interface device is authenticated with the key server 3 through the proof of identity formed by the certificate A), 
Stern further teaches receiving at the second computing device from the custodial entity (Fig. 1, Para. [0040]-Stern discloses using said personal cryptographic data to protect an exchange of content data between said interface device and said at least one second server device linked to said interface device by at least one data network,), a first custodial input (#A) (Fig. 7, Para. [0133]-Stern discloses the user thus obtains a digital certificate A which contains the public key KB and different data identifying its owner,), 
Although, Stern fails to explicitly teach a first indexical component and a version of the first indexical component digitally signed by the custodian.
Eigner explicitly teaches a first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]) and a version of the first indexical component digitally signed (Fig. 4B, #715 is called first encryption key, Col 19, Line [1-4]) by the custodian (Secure Platform 120) (Fig. 1. Col 5, Line 1-3]-Eigner discloses the data map may include one or more of an obfuscated record locator RLi', an encryption key ei, and a storage location Si for each fragment fi of the decomposed data object. In various embodiments, the data map may also include additional attributes associated with the original data object including, for example, but not limited to, the user passphrase, a name of the data object, and one or more content integrity verifiers (e.g., a message digest (MD) signature).), the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30])  being generated by the first computing device using a first user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and being received by the custodial entity (secure platform 120) from the first user computing device (Fig. 5. Col 9, Line [12-23]-Eigner discloses the secure platform 120 obfuscates the original record locator for each of the plurality of fragments to generate an obfuscated record locator for each of the plurality of fragments (214). As will be described in further details, the secure platform 120 can alter and/or obfuscate an original record locator RLi, for each fragment fi, of the plurality of fragments f1 ... fn to generate an obfuscated record locator RLi' based on one or more variable storage parameters including, for example, but not limited to, a username, the user passphrase, a current security model, a type of the data object, a size of the data object, security requirements, and performance requirements.), the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]) being an integer value (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string), and being derived using a computationally irreversible function such that the first user input is not derivable from the first indexical component (Fig. 5. Col 9, Line [12-23]-Eigner discloses the secure platform 120 may obfuscate the altered original record locator RLi by applying a one-way obfuscation function including, for example, but not limited to, a hashing function (e.g., SHA-256). The secure platform 120 can generate and/or vary the input of the one-way function (e.g., SHA-256) based on one), (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string ), 
Although, Eigner fails to explicitly teach the storage system previously storing the stored data to be retrieved device
However, Stern explicitly teaches the storage system previously storing the stored data to be retrieved device (Para. [0044]-Stern discloses the storage of the personal data for the users in the first server device, including personal cryptographic data, means that this data can be made remotely accessible from an interface device linked to the first server device.) 
Although, Stern fails to explicitly teach and a second indexical component associated with the data
However, Eigner explicitly teaches and second a indexical component (Fig. 4B, #425 is called second obfuscated Record Locator, Col 16, Line [28-30]) associated with the data (Fig. 4A-4B. Col 18, Line [12-15]-Eigner discloses the second fragment 420 is encrypted to generate a second encrypted fragment 615, which is associated and stored with the second obfuscated record locator 425.), the second indexical component (Fig. 4B, #425 is called second obfuscated Record Locator, Col 16, Line [28-30]) being an integer value (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string) generated using the second user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and the first custodial input (Fig. 4B, #715 is called first encryption key, Col 19, Line [1-4]), the second indexical component being generated by the first user computing device (Fig. 1, #110 is called user device, Col 4, Line [28]) and derived using a computationally irreversible function such that the second user input (Fig. 4B, #715 is called first encryption key, Col 19, Line [1-4]) (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and the first custodial input are not derivable from the second indexical component (Fig. 6A-B. Col 8, Line [41-48]-Eigner discloses the secure platform 120 can combine (e.g., concatenate in a particular order) the original record locator and/or the variable storage parameters associated with each fragment fi, ( e.g., username, user passphrase, current security model, data object type, and data object name) and execute a function (e.g., SHA-512) on the combination to generate an encryption key ei, for each fi.);
Eigner explicitly teaches generating, with the second computing device, a third indexical component (Fig. 4B, #435 is called third obfuscated Record Locator, Col 16, Line [38]), the third indexical component being an integer value (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string) using the first custodial input (Fig. 4B, #410 is called first fragment, Col 16, Line [23]), the first user input and the first indexical component such that the first custodial input (Fig. 4B, #410 is called first fragment, Col 16, Line [23]), the first user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]) and the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]) are not derivable solely from the third indexical component integer (Fig. 4A-B. Col 16, Line [31-35]-Eigner discloses one or more original record locators (e.g., the first record locator 460, the second record locator 470, and the third record locator 480) have been obfuscated to generate unique obfuscated record locators for each of the first fragment 410, the second fragment 420, the third fragment 430, the fourth fragment 440, and the fifth), (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string)); 
Eigner further teaches sending to the storage system from the second computing device the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]), the digitally signed version (Fig. 4B, #715 is called first encryption key, Col 19, Line [1-4]) of the first indexical component and the third indexical component (Fig. 4B, #435 is called third obfuscated Record Locator, Col 16, Line [38]) (Col 7, Line [12-17]-Eigner discloses the individual fragments of the user passphrases are further encrypted and stored with an obfuscated record locator across multiple local and/or remote storage locations including, for example, but not limited to, the second data store 150), the third data store 160, and the fourth data store 170.)  (Col 11, Line [44-51]-Eigner further discloses to store the data object, the secure platform 120 may have decomposed the data object into a plurality of fragments f1 . . . fn. The secure platform 120 may have further calculated an obfuscated record locator for each fragment fi encrypted each fragment fi using a corresponding encryption key ei, and distributed the plurality of fragments f1 ... fn for storage amongst multiple storage locations.); 
Eigner further teaches responsive to the sending, receiving at the second user computing device (Fig. 1, #110 is called user device, Col 4, Line [28]) from the storage system (Fig. 1, #140 is called first data store, Col 5, Line [37]) the stored data only if the storage system verifies the digitally signed version (Fig. 4B, #715 is called first encryption key, Col 19, Line [1-4]) of the first indexical component (in order to retrieve the data object, the secure platform 120 obtains and/or computes information required to retrieve and reconstruct the data object including, for example, but not limited to, an order index of fragments f1 ... fn (e.g., original record locators RLi ... RLn), an encryption key e, for each fragment fi, an obfuscated record locator RLi' for each fragment fi, and a storage location Si for each fragment fi.)
Eigner in view of Stern fails to explicitly teach and only if the storage system determines that the first indexical component is equal to a product of the second indexical component and the third indexical component.
However, Yi explicitly teaches and only if the storage system determines that the first indexical component is equal to a product of the second indexical component and the third indexical component (Fig. 4. Para. [0066-0071]-Yi discloses The random symmetric matrix has the private key as a first element and is a txt-sized matrix in which the remaining elements are represented as D,,1E(O,cp(N)- l ), where cp(N) is represented as cp(N)=(p-1 )( q-1) of an Euler function, and N denotes the product of the two prime numbers p and q…At block S401, a dealer node generates a public key and a private key using two prime numbers. The two prime numbers p and q are used as an RSA parameter in order to generate public keys e and N and a secret key d.). (According to the Yi teaching, it explains how to retrieve a stored data at a specific location in the database, by generating a key share for each specific node applying the Euclidean algorithm for example: N = p*q).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yin’s system into Eigner’s system as modified by Stern, for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to provide a distributed Rivest Shamir Adleman (RSA) signature generation method in an ad-hoc network, and a node of an ad-hoc network, which can distribute key share information, which is generated using a maximum distance separable (MDS) code and a random symmetric matrix, to a node configuring the ad-hoc network, and can generate an RSA signature using a predetermined plurality of segments of the key share information, thereby sharing a distributed signature generation function without interaction among nodes. Aspects of the present invention also provide a distributed RSA signature generation method in an ad-hoc network, and a node of an ad-hoc network, which can determine validity with respect to a partial signature and key share information using a witness and a partial signature witness, thereby securely sharing a distributed signature generation function. (Yi, para. 0020-0021]).


Regarding claim 13, Eigner in view of Stern and further in view of Yi teaches the method of claim 12, Eigner fails to explicitly teach further comprising sending from the second computing device to the custodial entity
However, Stern explicitly teaches further comprising sending from the second computing device (Fig. 1, #4b is called interface device, Para. [0125]) to the custodial entity (server 3, Para. [0127])
 	Stern fails to explicitly teach component a fourth indexical that is to replace the first indexical component when next storing the stored data with the storage system the fourth indexical component being an integer that is generated by the second computing device using a third user input.
 However, Eigner explicitly teaches component a fourth indexical (Fig. 4B, #445 is called fourth obfuscated Record Locator, Col 16, Line [40]) that is to replace the first indexical component (Fig. 4B, #415 is called first obfuscated Record Locator, Col 16, Line [26-30]) when next storing the stored data with the storage system (Fig. 1, #140 is called first data store, Col 5, Line [37]), the fourth indexical component indexical (Fig. 4B, #445 is called fourth obfuscated Record Locator, Col 16, Line [40]) being an integer (Col 25, Line [22-25]-Eigner further discloses a type of security model used to secure the data ( e.g., encryption, obfuscation), and a type or format of character that the field value will contain (e.g., decimal, integer, character, string) that is generated by the second computing device using a third user input (Fig. 3, #302 is called user passphrase, Col 16, Line [31]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yi’s system into Eigner’s system as modified by Stern, for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to reinforce the security of the personal data stored on the key server 3, the latter is preferably located in a location protected by shielding and/or access restrictions. (Stern, para. 0128]).

Regarding claim 14, Eigner in view of Stern and further in view of Yi teaches

the method of claim 12, Eigner fails to explicitly teach wherein the second user input is derived using a key generation function that uses as input a user password or user biometric data.
 However, Stern explicitly teaches wherein the second user input is derived using a key generation function that uses as input a user password or user biometric data (Para. [0008]-Stern et al. discloses using personal cryptographic data that is intrinsic to its owner and therefore does not require a hardware storage means. This type of personal cryptographic data encompasses passwords memorized by their owner and biometric data, such as fingerprints and retinal images.) and (Para. [0020] and [0021]-Stern et al. further discloses the user enters his password in the workstation; the workstation converts the password into a symmetric encryption key by applying a hashing algorithm;).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yi’s system into Eigner’s system as modified by Stern, for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation of using personal cryptographic data that is intrinsic to its owner and therefore does not require a hardware storage means. This type of personal cryptographic data encompasses passwords memorized by their owner and biometric data, such as fingerprints and retinal images. (Stern, para. 0008]).

Regarding claim 15, Eigner in view of Stern and further in view of Yi teaches the method of claim 12, Eigner fails to explicitly teach wherein the first user input is a randomly generated integer.
However, Stern explicitly teaches wherein the first user input is a randomly generated integer (Para. [0147]-Stern et al. discloses A randomly chooses an integer a modulo q; this choice is made uniformly between 0 and q-1 (inclusive).) and (Para. [0058]-Stern et al. further discloses said interface device chooses a first integer corresponding to a first element of a predefined group and said first server device chooses a second integer corresponding to a second element of said group).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yi’s system into Eigner’s system as modified by Stern, for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation of using the security of the Diffie-Hellman protocol is based on the difficulty in finding the integer a, because a is chosen randomly, from g" mod p. (Stern, para. 0155]).

Regarding claim 18, Eigner in view of Stern and further in view of Yi teaches the method of claim 12, Eigner explicitly teaches wherein the stored data is a private cryptographic key (Col. 2. Line [9-12]-Eigner discloses encrypting the first fragment using a first encryption key and the second fragment using a second encryption key; and storing, to at least a first of a plurality of storage locations.).


Claims 16, 17 and 19, are rejected under 35 U.S.C. 103 as being unpatentable over Eigner in view of Stern and in further view of Yi as stated above and in further view of Murphy (US-20200005295-A1), hereinafter referenced as Murphy.

Regarding claim 16, Eigner in view of Stern and in further view of Yi teaches the method of claim 12, Stern further teaches wherein the first input obtained from the custodial entity (Fig. 7, Para. [0133]-Stern discloses the user has his public key KB certified by a certification authority, which can be an independent entity (not shown) or the key server 3) is derived using a challenge-response protocol in which the custodial entity presents a challenge to the user of the second user computing device to authenticate the user (Para. [0161]-Stern discloses the interface device sets up a secured communication with the key server 3 via the network 1. For this, the SSL standard protocol can be used, which ensures the confidentiality and integrity of the data exchanged between the interface device and the key server 3, as well as the authentication of the key server 3 with the interface device.),
Eigner in view of Stern and in further view of Yi fails to explicitly teach the user being a beneficiary of an original user of the first user computing device.
However, Murphy explicitly teaches the user being a beneficiary of an original user of the first user computing device (Para. [0110]-Murphy discloses a FT (“Financial Transaction”) may employ an additional monetary beneficiary party (TMBP), which receives the monetary value being forfeited upon a successful transaction directly or as an intermediary.) (The device can automatically transfer the FI (Financial Information) to a FT (financial transaction) as long as the user can provide information associated with the previous user FIs (Financial Information)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Murphy’s system into Eigner’s system as modified by Stern for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to authorizing an electronic transaction at a remote system absent direct communications between a requesting device and an authorizing device based upon establishing at least a match between an identity of a plurality of identities each relating to an authorized system within a predetermined geolocation threshold of a current geolocation of the requesting device and an identity of the requesting device relating to an electronic transaction with respect to a geolocation associated with a requester of the electronic transaction. (Murphy, para. [0019]).

Regarding claim 17, Eigner in view of Stern and in further view of Yi teaches the method of claim 12, Eigner in view of Stern and in further view of Yi fails to explicitly teach wherein the stored data represents one of a plurality of fragments of a private key of a user of the user computing device.
However, Murphy explicitly teaches wherein the stored data represents one of a plurality of fragments of a private key of a user of the user computing device (Para. [0259]-Murphy discloses fragments and/or identifiers may be stored in encrypted according to a single encryption key, encrypted according to multiple encryption keys, encrypted with different encryption keys or sets of encryption keys for the fragments and identifiers or unencrypted).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Murphy’s system into Eigner’s system as modified by Stern for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to remove the direct interchange of location data between the two devices by having each device separately grant permissions to a single centralized system or separate portions of a de-centralized system which secure and hide the identity of the location data from the other device(s) pertaining to the transaction. (Murphy, para. 0132]).


Regarding claim 19, Eigner in view of Stern and in further view of Yi teaches the method of claim 17, Eigner in view of Stern and in further view of Yi fails to explicitly teach wherein the stored data is one of a plurality of fragments of a private cryptographic key.
However, Murphy explicitly teaches wherein the stored data is one of a plurality of fragments of a private cryptographic key (Para. [0259]-Murphy discloses fragments and/or identifiers may be stored in encrypted according to a single encryption key, encrypted according to multiple encryption keys, encrypted with different encryption keys or sets of encryption keys for the fragments and identifiers or unencrypted).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Murphy’s system into Eigner’s system as modified by Stern for obtaining a heavy use distributed and decentralized systems among computing devices, storage systems and other components for transferring, retrieving, storing encrypted data and compromising user's access rights due to malicious attack and loss devices, with a motivation to remove the direct interchange of location data between the two devices by having each device separately grant permissions to a single centralized system or separate portions of a de-centralized system which secure and hide the identity of the location data from the other device(s) pertaining to the transaction. (Murphy, para. 0132]).

Conclusion

Listed below are the prior arts made of record and not relied upon but are considered pertinent to applicant`s disclosure.
(a) 	Arava et al. – (US 20210240844 A1)- Methods for securing image, video and/or audio media data captured by a media recording device are disclosed. Various embodiments may include determining whether media data captured by the media recording device should be secured in response to the media recording device activating a media recording application, obtaining an encryption key in response to determining that media data captured by the media recording device should be secured, encrypting media data (e.g., image, video and/or audio data) captured by the media recording device using the obtained encryption key, and storing the encrypted media data. In some embodiments, determining that media data should be secured and obtaining the encryption key may be based on user inputs in response to prompts. In some embodiments, determining that media data should be secured may be based on whether the media recording device satisfies a geo-location criterion and the encryption key may be provided by a server ….…Fig. 1. Abstract.

(b)        Dean -   (US 20210006933 A1) - Systems, methods and computer-readable storage media utilized for institution security based on a security model in a computer network environment. One method includes receiving, by one or more processing circuits, data from one or more IoT devices associated with an institution. The method further includes determining, by the one or more processing circuits, a total count of people within an area. The method further includes determining, by the one or more processing circuits, a location for each people within the area. The method further includes identifying, by the one or more processing circuits, each people within the area and generating, by the one or more processing circuits, a security report................. Fig. 1. Abstract.
(c)        Murphy, Jean Louis – (CA 3053185 A1) - Mobile payments to Point-of-Sale (PoS) terminals, kiosks, vending systems etc. as well as mobile banking are increasingly common due to the electronic devices available. However, fraud is an ongoing issue. Embodiments of the invention support increased security by applying processes which allow for easy and secure development of financial transaction services and equipment. Accordingly, the location of the consumer performing the financial transaction is included within the process. Embodiments include a consumer being physically present to authorise irrespective of authorisation of their credentials, a consumer may establish preferred locations for transactions, a retailer and consumer may perform the transaction once the consumer has left the retail location through stored location data of the user's device. Embodiments of the invention also support financial transactions without a direct PoS transaction as the user's device and the PoS terminal broker the transaction in the cloud using location data........... Fig. 1. Abstract.
(d)        Huapaya et al. – (US 20210203657 A1)- A set of users who may authenticate is predefined and is associated, each, with a reference secret share. A first subset of users who has, each, to authenticate is predefined. The device defines a second subset of the users who has, each, to authenticate while further satisfying, each, to be physically proximate to the device and an authentication condition(s). The second user subset is comprised within the first user subset comprised within the user set. The device verifies whether each user of the second user subset satisfies to be physically proximate to the device and the authentication condition(s), if yes, requests, to each user device, the secret share and receives, from each user device relating to at least the first user subset, the secret share. The device reconstructs a secret with each received secret share, verifies whether the reconstructed matches the reference and, if yes, authenticates the user set……Fig. 1. Abstract.
(e)        Levovitz – (US 20120185397 A1)- Virtually fraud-proof authentication for wireless mobile financial transactions. A mobile telephone, genius card or dongle may capture multiple biometrics, such as fingerprint, voiceprint, retinal recognition data, facial biometric data, ear biometric data and bio print, iris scanning data, pupil movement recognition data, and send segments of each of them to a server computer that re-constitutes them and stores them for matching during an attempted financial transaction. A purchasing individual has multiple biometrics read by separate readers integrated into a single hand-held device. An automatic process of the server computer has previously sent a command packet to the hand-held device defining percentage and portion of each biometric to select and the sequence and channel of transmission for matching along with other out of band security data. During the charging phase, the hand-held device may utilize a slidable antenna for swiping a magnetic strip of a charge card reader or may display credit card data for a limited amount of time.......... Fig. 1. Abstract.
(f)        Prakash Gyan –( WO 2013101245 A1)- A method, device, and system for managing user authentication includes receiving authentication constraints of authentication data used to authenticate a user of a first computing device, such as a mobile computing device, to a second computing device, such as a financial data, e-commerce server or cloud-based service server. The first computing device automatically generates authentication data as a function of the authentication constraints. The authentication data may be embodied as a strong password and username. The authentication data may be updated or regenerated periodically or responsively to further increase the security of the authentication data. The user authentication data, authentication constraints, and history of transactions may be performed in a secure execution environment to further increase the security of the method, device, and system............ Fig. 1. Abstract.
(g)        Tomlinson Martin –(WO 2021048549 A1)- Systems and methods are described for implementing communication of data between a group of users in a communication system. In one implementation, a plurality of quorum portions of a private group signing key are generated and provided to each of a plurality of devices of the group of users, wherein a group digital signature is reconstructed from a predetermined minimum number of encrypted portions of the group digital signature, each generated by a respective device of the group of users using a corresponding quorum portion of the private group signing key. Each user device may digitally sign group output data using a respective private group signing key portion. A reconstructed group digital signature may be verified using a corresponding public group signing key. Other embodiments are also described and claimed............ Fig. 1. Abstract.




Any inquiry concerning this communication or earlier communications from the examiner should be directed to Nhat Tran whose telephone number is 571-338-4326.  The examiner can normally be reached on Monday -Friday, 7:00 am - 5:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached on 571-270-3351.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/NT/Examiner, Art Unit 4163                                                                                                                                                                                                        
/AMIR MEHRMANESH/             Supervisory Patent Examiner, Art Unit 4163