DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the application filed on 06/13/2022. Claims 1-20 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 
                                          EXAMINER’S AMENDMENT
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given via email and phone conversation with Kevin Kunzendorf (Reg. No. 58308) on 09/02/2022. 
 The application has been amended as follows:
Please replace claim 1 with:
1. (currently amended): 	A method of operating a memory system, the method comprising:
writing, by a host device, first security data and a first timestamp for preventing a replay attack to a first memory area which is an external memory area;
updating, by the host device, a second timestamp based on the first timestamp, the second timestamp corresponding to the first timestamp and being stored in a second memory area distinguished from the first memory area;
receiving, by the host device, a first notification signal representing a result of the updating; and
completing a writing operation for the first security data when it is determined, by the host device, based on the first notification signal that the second timestamp is successfully updated
wherein writing the first security data and the first timestamp to the first memory area includes:
	encrypting, by the host device, the first security data;
	generating, by the host device, a first message authentication code for the encrypted first security data and the first timestamp; and
	transmitting, by the host device, the encrypted first security data and the first message authentication code to the first memory area, the encrypted first security data and the first message authentication code being stored in the first memory area.

Please cancel claim 6.

Please replace claim 7 with:
7. (currently amended): 	The method of  claim 1, further comprising:
reading, by the host device, the encrypted first security data and the first message authentication code from the first memory area; and
checking, by the host device based on the first timestamp, whether the replay attack has occurred on the first security data.

Please replace claim 15 with:
15. (currently amended):  	A memory system comprising:
a host device configured to process first security data and a first timestamp for preventing a replay attack;
a nonvolatile memory device controlled by the host device, disposed outside the host device, and including a first memory area in which the first security data and the first timestamp are written; and
a secure nonvolatile memory device controlled by the host device, formed separately from the nonvolatile memory device, and including a second memory area in which a second timestamp corresponding to the first timestamp is written,
wherein the host device is configured to write the first security data and the first timestamp to the first memory area, and to update the second timestamp based on the first timestamp,
wherein the secure nonvolatile memory device is configured to generate a first notification signal representing a result of updating the second timestamp, 
wherein the host device is configured to complete a writing operation for the first security data when it is determined based on the first notification signal that the second timestamp is successfully updated, and
wherein to write the first security data and the first timestamp to the first memory area, the host device is configured to encrypt the first security data, generate a first message authentication code for the encrypted first security data and the first timestamp, and write the encrypted first security data and the first message authentication code to the first memory area.

Please replace claim 20 with:

20. (currently amended):  	A memory system comprising:
a host device configured to process first security data and a first timestamp for preventing a replay attack; and
a nonvolatile memory device controlled by the host device, disposed outside the host device, including a first memory area in which the first security data and the first timestamp are written, and including a second memory area in which a second timestamp corresponding to the first timestamp is written, the second memory area being distinguished from the first memory area,
wherein the secure host device is configured to write the first security data and the first timestamp to the first memory area, and to update the second timestamp based on the first timestamp,
wherein the nonvolatile memory device is configured to generate a first notification signal representing a result of updating the second timestamp, 
wherein the host device is configured to complete a writing operation for the first security data when it is determined based on the first notification signal that the second timestamp is successfully updated, and
wherein to write the first security data and the first timestamp to the first memory area, the host device is configured to encrypt the first security data, generate a first message authentication code for the encrypted first security data and the first timestamp, and write the encrypted first security data and the first message authentication code to the first memory area.

Allowable Subject Matter
Claims 1-5, and 7-20 are allowed.
The following is an examiner’s statement of reasons for allowance:
The present invention is relating to in a method of operating a memory system, first security data and a first timestamp for preventing a replay attack are written by a host device to a first memory area which is an external memory area. A second timestamp is updated by the host device based on the first timestamp. The second timestamp corresponding to the first timestamp is stored in a second memory area distinguished from the first memory area. A first notification signal representing a result of updating the second timestamp is received by the host device. A writing operation for the first security data is completed when it is determined, by the host device, based on the first notification signal that the second timestamp is successfully updated.
Regarding claim 1, although the prior art of record teaches writing, by a host device, first security data and a first timestamp for preventing a replay attack to a first memory area which is an external memory area; updating, by the host device, a second timestamp based on the first timestamp, the second timestamp corresponding to the first timestamp and being stored in a second memory area distinguished from the first memory area; receiving, by the host device, a first notification signal representing a result of the updating; and completing a writing operation for the first security data when it is determined, by the host device, based on the first notification signal that the second timestamp is successfully updated.
 None of the prior art, alone or in combination teaches wherein writing the first security data and the first timestamp to the first memory area includes: encrypting, by the host device, the first security data; generating, by the host device, a first message authentication code for the encrypted first security data and the first timestamp; and transmitting, by the host device, the encrypted first security data and the first message authentication code to the first memory area, the encrypted first security data and the first message authentication code being stored in the first memory area in view of the other limitations of claim 1.
Regarding claim 15, although the prior art of record teaches a host device configured to process first security data and a first timestamp for preventing a replay attack; a nonvolatile memory device controlled by the host device, disposed outside the host device, and including a first memory area in which the first security data and the first timestamp are written; and a secure nonvolatile memory device controlled by the host device, formed separately from the nonvolatile memory device, and including a second memory area in which a second timestamp corresponding to the first timestamp is written, wherein the host device is configured to write the first security data and the first timestamp to the first memory area, and to update the second timestamp based on the first timestamp, wherein the secure nonvolatile memory device is configured to generate a first notification signal representing a result of updating the second timestamp.
 None of the prior art, alone or in combination teaches wherein to write the first security data and the first timestamp to the first memory area, the host device is configured to encrypt the first security data, generate a first message authentication code for the encrypted first security data and the first timestamp, and write the encrypted first security data and the first message authentication code to the first memory area in view of the other limitations of claim 15.
Regarding claim 20, although the prior art of record teaches a host device configured to process first security data and a first timestamp for preventing a replay attack; and a nonvolatile memory device controlled by the host device, disposed outside the host device, including a first memory area in which the first security data and the first timestamp are written, and including a second memory area in which a second timestamp corresponding to the first timestamp is written, the second memory area being distinguished from the first memory area, wherein the host device is configured to write the first security data and the first timestamp to the first memory area, and to update the second timestamp based on the first timestamp, wherein the nonvolatile memory device is configured to generate a first notification signal representing a result of updating the second timestamp, wherein the host device is configured to complete a writing operation for the first security data when it is determined based on the first notification signal that the second timestamp is successfully updated.
 None of the prior art, alone or in combination teaches wherein to write the first security data and the first timestamp to the first memory area, the host device is configured to encrypt the first security data, generate a first message authentication code for the encrypted first security data and the first timestamp, and write the encrypted first security data and the first message authentication code to the first memory area in view of the other limitations of claim 20.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/Examiner, Art Unit 2496