DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 6-25 are pending.  Claims 1-5 are cancelled.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 7/24/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claims 6, 12, 19 are objected to because of the following informalities:  
Claims 6, 12, and 19 each contain the limitation “receiv[ing] an message”.  
Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 12-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the claim recites “a computer readable storage medium”, which can be interpreted as a carrier wave or signal, which does not fall under one of the four statutory categories.  None of claims 13-18 fix this and are therefore rejected for the same reasons.  In order to fix this, Examiner recommends language such as “a non-transitory computer readable storage medium”.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 6-25 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the enablement requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention. Claim 6 contains the subject matter “polymorphic key progression”.  It is not disclosed anywhere in the specification and claims what “polymorphic key progression” is or how it functions.  The only reference in the specification is to “using the CipherLoc® polymorphic key progression algorithmic cipher engine”, e.g. page 17 line 30-31.  A search of the prior art reveals that this is not a known term in the art.  In fact, the only reference to “polymorphic key progression” appears to be Applicant’s own publications, which also do not describe the concept in sufficient detail to be enabling.  Therefore, claim 6 fails to comply with the enablement requirement for failing to describe the function of a “polymorphic key progression” algorithm.  Dependent claims 7-11 fail to fix this and are therefore rejected for the same reasons.  Claims 12-18 and 19-25 contain corresponding subject matter and are therefore rejected for corresponding reasons.  For the purposes of art rejection, “polymorphic key progression” will be construed as “polymorphic encryption”, various forms of which are known in the art.

Claims 9, 16, 23 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.  The term “other functions” in claim 9 is a relative term which renders the claim indefinite. The term “other functions” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.  The complete limitation, “other functions that result in non-repeating values of at least the size of a key space”, have nearly unlimited scope within the context of the limitation, as “other functions” could refer to almost any function which generates a value.  The claim is therefore indefinite.  Claims 16 and 23 contain corresponding subject matter and are therefore rejected for corresponding reasons.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 6, 8-10, 12, 14-17, 19, 21-24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Schrijen et al (PGPUB 2012/0072737), and further in view of Parrish (PGPUB 2013/0028410).

Regarding Claim 12:
Schrijen teaches a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a hardware processor to cause the hardware processor to perform a method comprising (paragraph 51-52, computer implemented method): 
performing an initialization sequence (paragraph 138, initial bit-string producer produces an initial bit-string); 
determining a partial key having a unique signature, wherein the unique signature is determined using a physically unclonable function (paragraph 9, one way of constructing a physical uncloneable function (PUF) uses static random access memory (SRAM); paragraph 109, physical system comprising SRAM memory, which is read out by initial bit-string producer after powering SRAM but before data is written to the SRAM memory; paragraph 110, initial bit-string producer is coupled to normalizer for normalization of the initial bit-string; normalizer establishes in dependency on the initial bit-string a first correctable bit string; paragraph 112, error corrector maps first correctable bit-string to first code word (i.e. signature); paragraph 47, unique bit-string, such as reproducible code word); 
determining a class function, wherein the class function is chosen from a predetermined list of class functions (paragraph 178, key derivation algorithm comprises selecting a hash function from a family of hash functions in dependence upon the index; paragraph 183, as an example, for the family of hash functions, a so-called polynomial hash could be used; the polynomial hash is an example of a universal hash function); 
determining an initialization vector (paragraph 185, a mask, e.g. a random code word, is added to the message m); 
calculating a final key, wherein the final key is calculated using the class function and at least the initialization vector and unique signature as inputs into the class function (paragraph 178, the key derivation algorithm comprises selecting a hash function from a family of hash functions in dependence upon the index; the key establisher is configured for applying said selected hash function to the first code word; removing the effect of the randomizing component is dependent on the selected hash function applied to the randomizing component; paragraph 184, the polynomial hash is defined as follows: a message m, in our case the first code word, is portioned into parts of length n bits, the final part may be padded if necessary; that is m=m1||m2||. . . . ||ml; the hash function corresponding to index k is defined as G_k(m)=Sigma (mi.k^i) herein the computation is done over the field GF(2 n); paragraph 185, if a mask, e.g. a random code word, is added to the message, and thereby to the message blocks, this will go right through the formula and can be removed by computing the hash of the mask; key therefore depends on first code word and random mask input to class function (chosen hash)).
Schrijen does not explicitly teach receiving an message; 
encrypting the message using the final key and polymorphic key progression; 
storing the final key on a memory; and 
transmitting the encrypted message to a node.
However, Parrish teaches the concept of receiving a message (paragraph 43, present invention introduces innovative strategies and concepts that revolutionize encryption technology based on the concepts of traditional rotor machines; the stream cipher of the present invention effectively constitutes a virtual polymorphic chamber that pseudo-randomly generates essentially aperiodic sequences of virtual dynamic rotor machines, each used to encrypt only a single plaintext byte; paragraph 67, Fig. 2, a plaintext message to be processed is received); 
encrypting the message using a final key and polymorphic key progression (paragraph 43, polymorphic cryptors for encrypting plaintext; paragraph 67, Fig. 2, encryption session is created by initializing the internal state variables based on a set of initialization parameters; initialization parameters established using sessionstring and shared-secret keys (i.e. “final key”); paragraph 69, N cryptors are installed in the virtual cryptor machine in the order selected; all N cryptors are sequentially applied in the order installed to encrypt the plaintext byte; the encrypted data byte is stored as the next ciphertext byte; if all plaintext bytes of the received message have been encrypted, the ciphertext message is output); 
storing the final key on a memory (paragraph 130, initialization parameters based on sessionstring and/or secret-key information provided by previous key information stored in database); and 
transmitting the encrypted message to a node (paragraph 65, second entity receives ciphertext from first entity).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the encrypting a message using polymorphic cryptors teachings of Parrish with the PUF key generation teachings of Schrijen, in order to use the highly randomized key generation techniques of Schrijen (resulting in high entropy and corresponding high security) in a polymorphic cryptosystem, thereby adding the benefit of substantially increased randomness by building a one-time-use algorithm comprised of a large plurality of dynamic codewheels (referred to herein as "cryptors") whose monoalphabetic cipher contents are constantly subject to unpredictable alterations prior to each process iteration, and eliminates all static aspects of conventional rotor machines (e.g. Parrish, paragraph 43), rendering certain types of side channel attacks impossible.

Regarding Claim 14:
Schrijen in view of Parrish teaches the method of claim 12.  In addition, Schrijen teaches wherein the physically unclonable function is derived from a static random access memory (paragraph 9, one way of constructing a physical uncloneable function (PUF) uses static random access memory (SRAM)), dynamic random access memory, flash memory, resistive random access memory, and/or magneto-resistive random access memory.

Regarding Claim 15:
Schrijen in view of Parrish teaches the method of claim 12.  In addition, Schrijen teaches wherein the processor is a Field Programmable Gate Array processor (paragraph 14, electronic circuit comprising FPGA).

Regarding Claim 16:
Schrijen in view of Parrish teaches the method of claim 12.  In addition, Schrijen teaches wherein the class function is selected from a group consisting of: 
an identity function, XOR function, combinations of binary primitive functions, trigonometric functions, locations of portion of an irrational number sequence, and/or other functions that result in non-repeating values of at least the size of a key space (paragraph 178-179, other function resulting in non-repeating value of a key, i.e. “at least the size of a key space”).

Regarding Claim 17:
Schrijen in view of Parrish teaches the method of claim 1.  In addition, Schrijen teaches wherein the class function is chosen using a handshake protocol (paragraph 177-179, index establisher may for example comprise a random number generator for generating the index; when the cryptographic key is used for communications with some other party then cryptographic system 100 is arranged to communicate the index to the other party), frequent and irregular seeding, interleaved randomized seeding data in the message, and/or using a key progression value.

Regarding Claims 6, 8-10:
	These are the method claims corresponding to the medium of claims 12, 14, 16-17, respectively, and are therefore rejected for corresponding reasons.

Regarding Claim 19:
Schrijen teaches a system for communicating encoded messages, comprising: 
a first node having a first memory (paragraph 109, memory); 
a first processor electrically coupled to the first memory, wherein the first processor is configured to (paragraph 14, programmable logic device): 
perform an initialization sequence (paragraph 138, initial bit-string producer produces an initial bit-string); 
determine a partial key having a unique signature, wherein the unique signature is determined using a physically unclonable function (paragraph 9, one way of constructing a physical uncloneable function (PUF) uses static random access memory (SRAM); paragraph 109, physical system comprising SRAM memory, which is read out by initial bit-string producer after powering SRAM but before data is written to the SRAM memory; paragraph 110, initial bit-string producer is coupled to normalizer for normalization of the initial bit-string; normalizer establishes in dependency on the initial bit-string a first correctable bit string; paragraph 112, error corrector maps first correctable bit-string to first code word (i.e. signature); paragraph 47, unique bit-string, such as reproducible code word); 
calculate a final key, wherein the final key is calculated using a class function and at least the partial key as inputs into the class function (paragraph 178, the key derivation algorithm comprises selecting a hash function from a family of hash functions in dependence upon the index; the key establisher is configured for applying said selected hash function to the first code word; removing the effect of the randomizing component is dependent on the selected hash function applied to the randomizing component; paragraph 184, the polynomial hash is defined as follows: a message m, in our case the first code word, is portioned into parts of length n bits, the final part may be padded if necessary; that is m=m1||m2||. . . . ||ml; the hash function corresponding to index k is defined as G_k(m)=Sigma (mi.k^i) herein the computation is done over the field GF(2 n); paragraph 185, if a mask, e.g. a random code word, is added to the message, and thereby to the message blocks, this will go right through the formula and can be removed by computing the hash of the mask; key therefore depends on first code word and random mask input to class function (chosen hash)).
Schrijen does not explicitly teach the processor configured to receive an message; 
encrypt the message using the final key and polymorphic key progression; 
store the final key on the first memory; and 
transmit the encrypted message to a second node having at least a second memory and a second processor.
However, Parrish teaches the concept of a processor configured to receive a message (paragraph 43, present invention introduces innovative strategies and concepts that revolutionize encryption technology based on the concepts of traditional rotor machines; the stream cipher of the present invention effectively constitutes a virtual polymorphic chamber that pseudo-randomly generates essentially aperiodic sequences of virtual dynamic rotor machines, each used to encrypt only a single plaintext byte; paragraph 67, Fig. 2, a plaintext message to be processed is received); 
encrypt the message using a final key and polymorphic key progression (paragraph 43, polymorphic cryptors for encrypting plaintext; paragraph 67, Fig. 2, encryption session is created by initializing the internal state variables based on a set of initialization parameters; initialization parameters established using sessionstring and shared-secret keys (i.e. “final key”); paragraph 69, N cryptors are installed in the virtual cryptor machine in the order selected; all N cryptors are sequentially applied in the order installed to encrypt the plaintext byte; the encrypted data byte is stored as the next ciphertext byte; if all plaintext bytes of the received message have been encrypted, the ciphertext message is output); 
store the final key on a first memory (paragraph 130, initialization parameters based on sessionstring and/or secret-key information provided by previous key information stored in database); and 
transmitting the encrypted message to a second node having at least a second memory and a second processor (paragraph 63, decryption processor; paragraph 65, second entity receives ciphertext from first entity; paragraph 128, non-transitory storage medium).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the encrypting a message using polymorphic cryptors teachings of Parrish with the PUF key generation teachings of Schrijen, in order to use the highly randomized key generation techniques of Schrijen (resulting in high entropy and corresponding high security) in a polymorphic cryptosystem, thereby adding the benefit of substantially increased randomness by building a one-time-use algorithm comprised of a large plurality of dynamic codewheels (referred to herein as "cryptors") whose monoalphabetic cipher contents are constantly subject to unpredictable alterations prior to each process iteration, and eliminates all static aspects of conventional rotor machines (e.g. Parrish, paragraph 43), rendering certain types of side channel attacks impossible.

Regarding Claim 21:
Schrijen in view of Parrish teaches the system of claim 19.  In addition, Schrijen teaches wherein the physically unclonable function is derived from a static random access memory (paragraph 9, one way of constructing a physical uncloneable function (PUF) uses static random access memory (SRAM)), dynamic random access memory, flash memory, resistive random access memory, and/or magneto-resistive random access memory.

Regarding Claim 22:
Schrijen in view of Parrish teaches the system of claim 19.  In addition, Schrijen teaches wherein both the first processor and the second processor are a Field Programmable Gate Array (paragraph 14, electronic circuit comprising FPGA).

Regarding Claim 23:
Schrijen in view of Parrish teaches the system of claim 19.  In addition, Schrijen teaches wherein the class function is selected from a group consisting of: 
an identity function, XOR function, combinations of binary primitive functions, trigonometric functions, locations of portion of an irrational number sequence, and/or other functions that result in non-repeating values of at least the size of a key space (paragraph 178-179, other function resulting in non-repeating value of a key, i.e. “at least the size of a key space”).

Regarding Claim 24:
Schrijen in view of Parrish teaches the system of claim 19.  In addition, Schrijen teaches wherein the class function is chosen using a handshake protocol (paragraph 177-179, index establisher may for example comprise a random number generator for generating the index; when the cryptographic key is used for communications with some other party then cryptographic system 100 is arranged to communicate the index to the other party), frequent and irregular seeding, interleaved randomized seeding data in the message, and/or using a key progression value.

Claim(s) 7, 11, 13, 18, 20, 25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Schrijen in view of Parrish, and further in view of Horstmeyer et al (PGPUB 2013/0243187).

Regarding Claim 13:
Schrijen in view of Parrish teaches the method of claim 12.  In addition, Schrijen teaches wherein the initialization sequence further comprises: 
determining a subset of the unique signature (paragraph 165, decoding a correctable bit-string to a code word from a concatenated error correcting code may be done in various ways; for example, the first correctable bit string may be partitioned into a plurality of sub-strings; this partitioning may be done at fixed boundaries, e.g., after each 15 bit; however, the partitioning may be more involved; for example, an interleaving permutation may first be applied; or the sub-strings may be obtained by applying a plurality of sub-string producing functions, preferably linear functions, on the first correctable bit-string); and
determining an order of the unique signature (paragraph 165, a smaller error corrector, which may be comprised in error corrector 140, e.g., first error corrector 422 may be applied sequentially, to each one of the substring to produce a plurality smaller code words, which are then concatenated).
Neither Schrijen nor Parrish explicitly teaches encrypting the subset and the order using a handshake protocol; 
mixing the encrypted subset and encrypted order using at least one cryptographic pseudo- random number generator; and 
transmitting the mixed subset and order to the second node.
However, Horstmeyer teaches the concept of encrypting a subset and order using a handshake protocol (abstract, Communication Physical Unclonable Function (CPUF); paragraph 214-215, CPUF Public Key Protocol using Diffie-Hellman exchange procedure; Alice and Bob agree upon publicly known prime base g and common prime number p (i.e. “subset” and “order”; Alice and Bob generate one private key kA and kB with respective CPUF devices, i.e. “cryptographic pseudo-random number generator”; Alice computes pkA mod g, i.e. “encrypts” subset and order); 
mixing the encrypted subset and encrypted order using at least one cryptographic pseudo- random number generator (paragraph 214-215, Alice and Bob generate one private key kA and kB with respective CPUF devices, i.e. “cryptographic pseudo-random number generator”; Alice computes pkA mod g, i.e. “mixes” using at least one cryptographic pseudo-random number generator); and 
transmitting the mixed subset and order to a second node (paragraph 215, Alice sends “public key” to Bob).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the Diffie-Hellman key exchange teachings of Horstmeyer with the PUF key generation teachings of Schrijen in view of Parrish, with the benefit of using highly secure and well known key exchange protocols, such as Diffie-Hellman, to exchange cryptographic material, thereby improving security and integrity by relying on proven techniques with stable, secure, and reliable implementations.

Regarding Claim 18:
Schrijen in view of Parrish and Horstmeyer teaches the method of claim 13.  In addition, Horstmeyer teaches wherein the handshake protocol is a Diffie-Hellman handshake protocol (paragraph 215, Diffie-Hellman exchange procedure).
The rationale to combine Schrijen and Horstmeyer is the same as provided for claim 13 due to the overlapping subject matter between claims 13 and 18.

Regarding Claims 7, 11:
	These are method claims corresponding to the method of claims 13, 18, respectively, and are therefore rejected for corresponding reasons.

Regarding Claim 20:
Schrijen in view of Parrish teaches the system of claim 19.  In addition, Schrijen teaches wherein the initialization sequence further comprises: 
determine a subset of the unique signature (paragraph 165, decoding a correctable bit-string to a code word from a concatenated error correcting code may be done in various ways; for example, the first correctable bit string may be partitioned into a plurality of sub-strings; this partitioning may be done at fixed boundaries, e.g., after each 15 bit; however, the partitioning may be more involved; for example, an interleaving permutation may first be applied; or the sub-strings may be obtained by applying a plurality of sub-string producing functions, preferably linear functions, on the first correctable bit-string); and
determine an order of the unique signature (paragraph 165, a smaller error corrector, which may be comprised in error corrector 140, e.g., first error corrector 422 may be applied sequentially, to each one of the substring to produce a plurality smaller code words, which are then concatenated).
Neither Schrijen nor Parrish explicitly teaches encrypt the subset and the order using a handshake protocol; 
mix the encrypted subset and encrypted order using at least one cryptographic pseudo-random number generator; and 
transmit the mixed subset and order to the second node.
However, Horstmeyer teaches the concept of encrypting a subset and order using a handshake protocol (abstract, Communication Physical Unclonable Function (CPUF); paragraph 214-215, CPUF Public Key Protocol using Diffie-Hellman exchange procedure; Alice and Bob agree upon publicly known prime base g and common prime number p (i.e. “subset” and “order”; Alice and Bob generate one private key kA and kB with respective CPUF devices, i.e. “cryptographic pseudo-random number generator”; Alice computes pkA mod g, i.e. “encrypts” subset and order); 
mixing the encrypted subset and encrypted order using at least one cryptographic pseudo- random number generator (paragraph 214-215, Alice and Bob generate one private key kA and kB with respective CPUF devices, i.e. “cryptographic pseudo-random number generator”; Alice computes pkA mod g, i.e. “mixes” using at least one cryptographic pseudo-random number generator); and 
transmitting the mixed subset and order to a second node (paragraph 215, Alice sends “public key” to Bob).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the Diffie-Hellman key exchange teachings of Horstmeyer with the PUF key generation teachings of Schrijen in view of Parrish, with the benefit of using highly secure and well known key exchange protocols, such as Diffie-Hellman, to exchange cryptographic material, thereby improving security and integrity by relying on proven techniques with stable, secure, and reliable implementations.

Regarding Claim 25:
Schrijen in view of Parrish and Horstmeyer teaches the system of claim 20.  In addition, Horstmeyer teaches wherein the handshake protocol is a Diffie-Hellman handshake protocol (paragraph 215, Diffie-Hellman exchange procedure).
The rationale to combine Schrijen and Horstmeyer is the same as provided for claim 20 due to the overlapping subject matter between claims 20 and 25.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                         

/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491