Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under 	the first inventor to file provisions of the AIA .
Abstract
Applicant is reminded of the proper language and format for an abstract of the disclosure.
The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words.  The form and legal phraseology often used in patent claims, such as "means" and "said," should be avoided.  The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title.  It should avoid using phrases which can be implied, such as, "The disclosure concerns," "The disclosure defined by this invention," "The disclosure describes," etc.
The abstract of the disclosure is objected to because word counts is less than 50.  Correction is required.  See MPEP § 608.01(b).

Drawing Objection
The drawings are objected to because drawings contain blank boxes and numbers only. Applicant must supply a suitable legend/short description of each box besides numbers. A proposed drawing correction or corrected drawings are required in reply to the Office action to avoid abandonment of the application. The objection to the drawings will not be held in abeyance. 
The following are direct quotations of 37 CFR 1.84(n), (o), repeated below:(n)     Symbols. Graphical drawing symbols may be used for conventional elements   
when appropriate. The elements for which such symbols and   labeled representations are used must be adequately identified in the specification. Known devices should be illustrated by symbols which have a universally recognized conventional meaning and are generally accepted in the art. Other symbols which are not universally recognized may be used, subject to approval by the Office, if they are not likely to be confused with existing conventional symbols, and if they are readily identifiable.
(o)      Legends. Suitable short descriptive legends may be used subject to approval by the Office, or may be required by the examiner where necessary for understanding of the drawing. They should contain as few words as possible.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) are: “a user identification generation module configured to”, “a password generation module configured to”, “an authentication request module configured to”, “a first communication module configured to”, “a second communication module”, “28an inspection module configured to”, “an authentication module configured to”   in claim 1;  “a user identification generation module configured to”,  “a password generation module configured to”, &  “a communication module configured to”  in claim 10,  “a communication module configured to”, “28an inspection module configured to“, & “an authentication module configured to” in claim 11.. 
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-11 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. Claim limitations “a user identification generation module configured to”, “a password generation module configured to”, “an authentication request module configured to”, “a first communication module configured to”., “a second communication module”, “28an inspection module configured to”, “an authentication module configured to”, in claim 1,  “a user identification generation module configured to”,  “a password generation module configured to”, &  “a communication module configured to” in claim 10,  “a communication module configured to”, “28an inspection module configured to“, & “an authentication module configured to” in claim 11”.invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)    Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or (b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
	
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

	Claim 8 is rejected under 112b  as it recites in part “temporality synchronized”. As recited it introduces subjectivity. The specification and diagrams also do not clarifies the word “temporality”. Examiner assumes for the purpose of examination that transmitter and receiver are remains connected while communication is ongoing. 
	
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims 1,3, 6, & 8-15 are rejected under 35 USC 103 as being unpatentable over Baessler(US20030221104) in view of Avetisov (US1064752 B).
Regarding claim 1, Baessler teaches:
 a system comprising: a user/customer/partner (device) comprising: a secure memory configured to store an asymmetric key pair, the asymmetric key pair comprising a public key and a private key; [0026] Stored in the electronic data store 10 are a first digital key pair, composed of a public customer key 101 and a secret private customer key 102, and a second digital key pair, composed of a public key 103 of the security provider and a secret private key 104 of the security provider. Also, in an embodiment variant, just the secret private customer key 102 and the secret private key 104 of the security provider can be stored in the data store 10, ]
a password generation module configured to: calculate a digital signature via the user identification using the private key; and generate a password dataset based on the digital signature; [0033] The signature module 105 comprises furthermore a certification module 105a with cryptographic functions for generating a digital signature certificate from the customer signature using the private key of the security provider 104. That means that the certification module 105a comprises cryptographic functions in order to generate a digital signature (the certificate signature) from the customer signature, based on an asymmetrical encryption method, and further data (certificate data) to be used for the generation of the signature certificate using the private key 104 of the security provider. The certificate data to be used for the generation of the signature certificate preferably include further certificate data, besides the fingerprint of the customer signature:[0034] the fingerprint, used for the generation of the customer signature, of the object data to be signed,[0035] time data on the point in time of generation of the customer signature,[0036] the customer identification 106,
[0037] personal customer attributes 107 as well as their date of updating (possibly including time of day), and [0038] time data on the point in time of generation of the signature of the signature certificate (certificate signature).  [0046] The authentication module 423 verifies the authenticity of the customer identification and of the public customer key. The authentication module 423 receives from the security module 41 either the public customer key or the public key certificate of the public customer key. The authentication module 423 checks whether the received public customer key is already present (known) in the security module 42 and is not disabled, or it verifies the received public key certificate of the public customer key by means of the public key of the security provider and checks the customer identification contained therein. It is obvious to a ordinary skilled person that signed customer identification is used authenticate the customer. Hence it is used as password dataset. ]
an authentication request module configured to generate an authentication request message, the authentication request message comprising the user identification and the password dataset; [0058] In step S8, the order data prepared in step S1, the customer signature generated in step S4, and the signature certificate generated in steps S6 ( authentication request message)and S7 are transmitted by the communication terminal 2 via the communication network 3 to the terminal of the transaction partner 6.[0059] In step S9, the signature certificate received in step S8 is verified in the terminal of the transaction partner 6 by its being decrypted using the public key of the security provider, the fingerprint of the order data being compared with the order data, and the time data regarding the point in time of the customer signature being checked. On the basis of the verified signature certificate, it can be determined in the terminal of the transaction partner 6 that the respective customer is known at the security provider(customer/digital signature (signed customer identification) is considered to be a password for customer authentication as well as customer identification)  , whether the customer is authorized for the transaction and credit worthy based on the co-delivered customer attributes, until which date of update the customer attributes have been updated, and that the customer signature is verifiable if need be. On the basis of this information it is possible, as a rule, for the transaction partner to initiate the delivery according to the order data without further clarifications.]
a first communication module configured to transmit the authentication request message to a user/customer/partner (device); [0040] In an embodiment variant, the certification module 105a uses the customer signature directly in the certificate data instead of the fingerprint of the customer signature and instead of the fingerprint used for the customer signature. Moreover no fingerprint of the certificate data is formed, but instead the certificate data themselves are encrypted using the private key 104 of the security provider. Afterwards only these encrypted certificate data (message for authentication) need to be transmitted to a transaction partner; the customer signature can be obtained at the transaction partner from the encrypted certificate data by means of the public key of the security provider. It is obvious to a ordinary skilled person in the art that Baessler teaches the limitation and it is also that the limitation is well known in the art] 
 the user/customer/partner(device) comprising: a second communication module, wherein the second communication module is configured to receive the authentication request message from the user/customer/partner; .[0040] In an embodiment variant, the certification module 105a uses the customer signature directly in the certificate data instead of the fingerprint of the customer signature and instead of the fingerprint used for the customer signature. Moreover no fingerprint of the certificate data is formed, but instead the certificate data themselves are encrypted using the private key 104 of the security provider. Afterwards only these encrypted certificate data need to be transmitted to a transaction partner; the customer signature can be obtained at the transaction partner from the encrypted certificate data by means of the public key of the security provider. It is obvious to ordinary skilled person  in the art that the teaching of Baessler can used to execute communication by multiple communication module including second module to receive data/message, moreover, the limitations is also well known in the art.]
an inspection module configured to ascertain a check result for the digital signature of the password dataset based on the user identification; [0046] The authentication module 423 verifies the authenticity of the customer identification and of the public customer key. The authentication module 423 receives from the security module 41 either the public customer key or the public key certificate of the public customer key. The authentication module 423 checks whether the received public customer key is already present (known) in the security module 42 and is not disabled, or it verifies the received public key certificate of the public customer key by means of the public key of the security provider and checks the customer identification contained therein.[0047] The verification module 421 receives a digital customer signature and the object data used to generate the customer signature (either the object data or the fingerprint used of the object data) from the security module 41. Using the public customer key 101, which is checked by the authentication module 423, the verification module 421 verifies the received customer signature by decrypting it and comparing it with the fingerprint of the object data used for generating the customer signature.]
an authentication module configured to authenticate the user/customer/partner (device )based on the check result using an authentication message.  [0064] Determined in the authentication module 423 in step S11 is the authenticity of the customer identification and the public customer key (with or without public key certificate) received in step S10. If no authentication can be achieved, the ordering process is discontinued. Otherwise, the customer signature received in step S10 is verified in the security module 42 by the customer signature being decrypted using the public customer key and the decrypted data being compared with a fingerprint (hash) of the order data received in step S10. If the customer signature cannot be verified, no signature certificate is generated. If the customer signature is positively verified, those of the personal customer attributes 107 are also selected by the customer in step S11 which are supposed to be transmitted to the transaction partner with the order, and the method is continued in step S5.]
 Although, Baessler teaches customer/partner/user authentication request, he does not expclitly teach, however, Avetisov (US10764752) teaches: 
a user identification generation module configured to generate a user identification based on registration data, the registration data comprising the public key, certificate data of a digital certificate, or the public key and the certificate data of the digital certificate;; [Col 79 & 80, lines 55-65 & 1-15 respectively:  In some embodiments, a user may generate a user identity on a blockchain, like in the directed acyclic graph 205. For example, in block 21, a transaction record, Tx1, is shown to include a user identity, Net ID 271. Thus, for example, transaction record Tx 1 may be a user identity record establishing a user identity, or Net ID 271 of the user, within a directed acyclic graph 205. In order to use the Net ID 271, the user must prove ownership of the user identity. To that end, the user might retain some secret knowledge, like a private key, not shared with other users. The private key may be a first encryption key of a key-pair, a second encryption key of the key-pair being a public key not kept secret by the user. Thus, for example, the user may sign data, like some other key, certificate, credentials, identifier or any other data, with the private key to create a signature (e.g., the output of a signature function taking as input the data and the private key) and the public key is operable to verify the signature (e.g., the output of a corresponding signature verification function taking as input the signature, the data, and the public key). Thus, a signature verification function provides a verification result that the user who signed the data possesses the private key. Accordingly, the Net ID 271 information for a user may include a User ID Key, which may be a public key, and a User ID, whereby the user can prove ownership of the Net ID 271 by signing the User ID with the private key (e.g., for verification based on the signature, the public key, and the User ID). The User ID can be some data, like a file or digital certificate, cryptographic hash value, key, or other unique identifier.]
authenticating transmitter or/and receiver, [Col 13, lines 10-20:The electro-mechanical device may include one or more hardware elements like a processor, memory, receiver, transmitter, and the like to receive results for authentication. Some electro-mechanical devices may process the results directly by verification of signature, or transmit the result and receive a response, such as from a server. In either instance, the electro-mechanical device may actuate a mechanism based on a received result.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler with the disclosure of Avetisov. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secure authentication of user/device/transmitter or recoverin. (Col 03, lines 15-40, Avetisov)-  
Regarding claim 3, Baessler teaches wherein the certificate data comprises the digital certificate, a serial number of the digital certificate, a timestamp, a nonce, device-specific transmitter parameters, a fingerprint of the digital certificate, or any combination thereof.  [please see para [0014-0015]]
Regarding claim 6, Baessler teaches wherein the digital certificate is a digital certificate for the public key. [please see para [0043] & also [0046]]
Regarding claim 8, although Baessler teaches connectivity between two devices, he does not teach expclitly, however, Avetisov teaches wherein the transmitter and the receiver are temporally synchronized.  [Col 13, lines 13-18: Some electro-mechanical devices may process the results directly by verification of signature, or transmit (transmitter) the result and receive a response, such as from a server (recover). In either instance, the electro-mechanical device may actuate a mechanism based on a received result. ]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler with the disclosure of Avetisov. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secure authentication of user/device/transmitter or recoverin. (Col 03, lines 15-40, Avetisov)-  
Regarding claim 9, although Baessler teaches digital certificate, he does not teach expclitly, however, Avetisov teaches wherein the timestamp, the device-specific transmitter parameters, the certificate data, or any combination thereof is additionally inspected during the ascertainment of the check result. [Col 105, lines 45-60]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler with the disclosure of Avetisov. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secure authentication of user/device/transmitter or recoverin. (Col 03, lines 15-40, Avetisov)-  
Regarding claim 10, Baessler teaches:
 A  device comprising: a secure memory configured to store an asymmetric key pair, the asymmetric key pair comprising a public key and a private key; [0026] Stored in the electronic data store 10 are a first digital key pair, composed of a public customer key 101 and a secret private customer key 102, and a second digital key pair, composed of a public key 103 of the security provider and a secret private key 104 of the security provider. Also, in an embodiment variant, just the secret private customer key 102 and the secret private key 104 of the security provider can be stored in the data store 10,]
a password generation module configured to: calculate a digital signature via the user identification using the private key,  and generate a password dataset of the digital signature; [0033] The signature module 105 comprises furthermore a certification module 105a with cryptographic functions for generating a digital signature certificate from the customer signature using the private key of the security provider 104. That means that the certification module 105a comprises cryptographic functions in order to generate a digital signature (the certificate signature) from the customer signature, based on an asymmetrical encryption method, and further data (certificate data) to be used for the generation of the signature certificate using the private key 104 of the security provider. The certificate data to be used for the generation of the signature certificate preferably include further certificate data, besides the fingerprint of the customer signature:[0034] the fingerprint, used for the generation of the customer signature, of the object data to be signed,[0035] time data on the point in time of generation of the customer signature,[0036] the customer identification 106, [0037] personal customer attributes 107 as well as their date of updating (possibly including time of day), and [0038] time data on the point in time of generation of the signature of the signature certificate (certificate signature).  [0046] The authentication module 423 verifies the authenticity of the customer identification and of the public customer key. The authentication module 423 receives from the security module 41 either the public customer key or the public key certificate of the public customer key. The authentication module 423 checks whether the received public customer key is already present (known) in the security module 42 and is not disabled, or it verifies the received public key certificate of the public customer key by means of the public key of the security provider and checks the customer identification contained therein. It is obvious to a ordinary skilled person that signed customer identification is used authenticate the customer. Hence it is used as password dataset ]
an authentication request module configured to generate an authentication request message, the authentication request message comprising the user identification and the password dataset; [0058] In step S8, the order data prepared in step S1, the customer signature generated in step S4, and the signature certificate generated in steps S6 ( authentication request message)and S7 are transmitted by the communication terminal 2 via the communication network 3 to the terminal of the transaction partner 6.[0059] In step S9, the signature certificate received in step S8 is verified in the terminal of the transaction partner 6 by its being decrypted using the public key of the security provider, the fingerprint of the order data being compared with the order data, and the time data regarding the point in time of the customer signature being checked. On the basis of the verified signature certificate, it can be determined in the terminal of the transaction partner 6 that the respective customer is known at the security provider(customer/digital signature (signed customer identification) is considered to be a password for customer authentication as well as customer identification)  , whether the customer is authorized for the transaction and credit worthy based on the co-delivered customer attributes, until which date of update the customer attributes have been updated, and that the customer signature is verifiable if need be. On the basis of this information it is possible, as a rule, for the transaction partner to initiate the delivery according to the order data without further clarifications.]
and a communication module configured to transmit the authentication request message to a customer/user/partner  [0040] In an embodiment variant, the certification module 105a uses the customer signature directly in the certificate data instead of the fingerprint of the customer signature and instead of the fingerprint used for the customer signature. Moreover no fingerprint of the certificate data is formed, but instead the certificate data themselves are encrypted using the private key 104 of the security provider. Afterwards only these encrypted certificate data (message for authentication) need to be transmitted to a transaction partner; the customer signature can be obtained at the transaction partner from the encrypted certificate data by means of the public key of the security provider. It is obvious to a ordinary skilled person in the art that Baessler teaches the limitation and it is also that the limitation is well known in the art] 
Although, Baessler teaches customer/partner/user authentication request, he does not expclitly teach, however, Avetisov (US10764752) teaches: 
a user identification generation module configured to generate a user identification based on registration data, the registration data comprising the public key, certificate data of a digital certificate, or the public key and the certificate data of the digital certificate; [Col 79 & 80, lines 55-65 & 1-15 respectively:  In some embodiments, a user may generate a user identity on a blockchain, like in the directed acyclic graph 205. For example, in block 21, a transaction record, Tx1, is shown to include a user identity, Net ID 271. Thus, for example, transaction record Tx 1 may be a user identity record establishing a user identity, or Net ID 271 of the user, within a directed acyclic graph 205. In order to use the Net ID 271, the user must prove ownership of the user identity. To that end, the user might retain some secret knowledge, like a private key, not shared with other users. The private key may be a first encryption key of a key-pair, a second encryption key of the key-pair being a public key not kept secret by the user. Thus, for example, the user may sign data, like some other key, certificate, credentials, identifier or any other data, with the private key to create a signature (e.g., the output of a signature function taking as input the data and the private key) and the public key is operable to verify the signature (e.g., the output of a corresponding signature verification function taking as input the signature, the data, and the public key). Thus, a signature verification function provides a verification result that the user who signed the data possesses the private key. Accordingly, the Net ID 271 information for a user may include a User ID Key, which may be a public key, and a User ID, whereby the user can prove ownership of the Net ID 271 by signing the User ID with the private key (e.g., for verification based on the signature, the public key, and the User ID). The User ID can be some data, like a file or digital certificate, cryptographic hash value, key, or other unique identifier.]
authenticating transmitter or receiver, [Col 13, lines 10-20:The electro-mechanical device may include one or more hardware elements like a processor, memory, receiver, transmitter, and the like to receive results for authentication. Some electro-mechanical devices may process the results directly by verification of signature, or transmit the result and receive a response, such as from a server. In either instance, the electro-mechanical device may actuate a mechanism based on a received result.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler with the disclosure of Avetisov. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secure authentication of user/device/transmitter or recoverin. (Col 03, lines 15-40, Avetisov)-  
Regarding claim 11, Baessler teaches:
a user/customer/partner(device) comprising: a communication module configured to receive an authentication request message from a user/customer/partner, the authentication request message comprising a user identification and a password dataset; ; [0058] In step S8, the order data prepared in step S1, the customer signature generated in step S4, and the signature certificate generated in steps S6 ( authentication request message)and S7 are transmitted by the communication terminal 2 via the communication network 3 to the terminal of the transaction partner 6.[0059] In step S9, the signature certificate received in step S8 is verified in the terminal of the transaction partner 6 by its being decrypted using the public key of the security provider, the fingerprint of the order data being compared with the order data, and the time data regarding the point in time of the customer signature being checked. On the basis of the verified signature certificate, it can be determined in the terminal of the transaction partner 6 that the respective customer is known at the security provider(customer/digital signature (signed customer identification) is considered to be a password for customer authentication as well as customer identification)  , whether the customer is authorized for the transaction and credit worthy based on the co-delivered customer attributes, until which date of update the customer attributes have been updated, and that the customer signature is verifiable if need be. On the basis of this information it is possible, as a rule, for the transaction partner to initiate the delivery according to the order data without further clarifications.]
an inspection module configured to ascertain a check result for a digital signature of the password dataset based on the user identification; [0046] The authentication module 423 verifies the authenticity of the customer identification and of the public customer key. The authentication module 423 receives from the security module 41 either the public customer key or the public key certificate of the public customer key. The authentication module 423 checks whether the received public customer key is already present (known) in the security module 42 and is not disabled, or it verifies the received public key certificate of the public customer key by means of the public key of the security provider and checks the customer identification contained therein.[0047] The verification module 421 receives a digital customer signature and the object data used to generate the customer signature (either the object data or the fingerprint used of the object data) from the security module 41. Using the public customer key 101, which is checked by the authentication module 423, the verification module 421 verifies the received customer signature by decrypting it and comparing it with the fingerprint of the object data used for generating the customer signature.]
an authentication module configured to authenticate the user/customer/partner (device) based on the check result using an authentication message. [0064] Determined in the authentication module 423 in step S11 is the authenticity of the customer identification and the public customer key (with or without public key certificate) received in step S10. If no authentication can be achieved, the ordering process is discontinued. Otherwise, the customer signature received in step S10 is verified in the security module 42 by the customer signature being decrypted using the public customer key and the decrypted data being compared with a fingerprint (hash) of the order data received in step S10. If the customer signature cannot be verified, no signature certificate is generated. If the customer signature is positively verified, those of the personal customer attributes 107 are also selected by the customer in step S11 which are supposed to be transmitted to the transaction partner with the order, and the method is continued in step S5.] 
Although, Baessler teaches customer/partner/user (device) authentication request, he does not expclitly teach, however, Avetisov (US10764752) teaches: 
authenticating transmitter or receiver, [Col 13, lines 10-20:The electro-mechanical device may include one or more hardware elements like a processor, memory, receiver, transmitter, and the like to receive results for authentication. Some electro-mechanical devices may process the results directly by verification of signature, or transmit the result and receive a response, such as from a server. In either instance, the electro-mechanical device may actuate a mechanism based on a received result.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler with the disclosure of Avetisov. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secure authentication of user/device/transmitter or recoverin. (Col 03, lines 15-40, Avetisov)-  
        Regarding claim 12, the claim is interpreted to be same as claim 10 and rejected for the same reasons as set forth for claim 10.
          Regarding claim 13, the claim is interpreted to be same as claim 10 and rejected for the same reasons as set forth for claim 11.
Regarding claim 14, Baessler teaches:
 storing an asymmetric key pair, wherein the asymmetric key pair comprises a public key and a private key; [0026] Stored in the electronic data store 10 are a first digital key pair, composed of a public customer key 101 and a secret private customer key 102, and a second digital key pair, composed of a public key 103 of the security provider and a secret private key 104 of the security provider. Also, in an embodiment variant, just the secret private customer key 102 and the secret private key 104 of the security provider can be stored in the data store 10, ]
calculating the digital signature via the user identification using the private key, wherein the password dataset is ascertained based on the digital signature; [0033] The signature module 105 comprises furthermore a certification module 105a with cryptographic functions for generating a digital signature certificate from the customer signature using the private key of the security provider 104. That means that the certification module 105a comprises cryptographic functions in order to generate a digital signature (the certificate signature) from the customer signature, based on an asymmetrical encryption method, and further data (certificate data) to be used for the generation of the signature certificate using the private key 104 of the security provider. The certificate data to be used for the generation of the signature certificate preferably include further certificate data, besides the fingerprint of the customer signature:[0034] the fingerprint, used for the generation of the customer signature, of the object data to be signed,[0035] time data on the point in time of generation of the customer signature,[0036] the customer identification 106, [0037] personal customer attributes 107 as well as their date of updating (possibly including time of day), and [0038] time data on the point in time of generation of the signature of the signature certificate (certificate signature).  [0046] The authentication module 423 verifies the authenticity of the customer identification and of the public customer key. The authentication module 423 receives from the security module 41 either the public customer key or the public key certificate of the public customer key. The authentication module 423 checks whether the received public customer key is already present (known) in the security module 42 and is not disabled, or it verifies the received public key certificate of the public customer key by means of the public key of the security provider and checks the customer identification contained therein. It is obvious to a ordinary skilled person that signed customer identification is used authenticate the customer. Hence it is used as password dataset
generating the authentication request message; [0040] In an embodiment variant, the certification module 105a uses the customer signature directly in the certificate data instead of the fingerprint of the customer signature and instead of the fingerprint used for the customer signature. Moreover no fingerprint of the certificate data is formed, but instead the certificate data themselves are encrypted using the private key 104 of the security provider. Afterwards only these encrypted certificate data (message for authentication) need to be transmitted to a transaction partner; the customer signature can be obtained at the transaction partner from the encrypted certificate data by means of the public key of the security provider. It is obvious to a ordinary skilled person in the art that Baessler teaches the limitation and it is also that the limitation is well known in the art] 
transmitting the authentication request message to a customer/partner/user. 
[0040] In an embodiment variant, the certification module 105a uses the customer signature directly in the certificate data instead of the fingerprint of the customer signature and instead of the fingerprint used for the customer signature. Moreover no fingerprint of the certificate data is formed, but instead the certificate data themselves are encrypted using the private key 104 of the security provider. Afterwards only these encrypted certificate data (message for authentication) need to be transmitted to a transaction partner; the customer signature can be obtained at the transaction partner from the encrypted certificate data by means of the public key of the security provider. It is obvious to an ordinary skilled person in the art that Baessler teaches the limitation and it is also that the limitation is well known in the art] 
 Although, Baessler teaches customer/partner/user authentication request, he does not expclitly teach, however, Avetisov (US10764752) teaches: 
generating a user identification based on registration data, wherein the registration data comprises the public key, certificate data of a digital certificate, or the public key and the certificate data of the digital certificate; [Col 79 & 80, lines 55-65 & 1-15 respectively:  In some embodiments, a user may generate a user identity on a blockchain, like in the directed acyclic graph 205. For example, in block 21, a transaction record, Tx1, is shown to include a user identity, Net ID 271. Thus, for example, transaction record Tx 1 may be a user identity record establishing a user identity, or Net ID 271 of the user, within a directed acyclic graph 205. In order to use the Net ID 271, the user must prove ownership of the user identity. To that end, the user might retain some secret knowledge, like a private key, not shared with other users. The private key may be a first encryption key of a key-pair, a second encryption key of the key-pair being a public key not kept secret by the user. Thus, for example, the user may sign data, like some other key, certificate, credentials, identifier or any other data, with the private key to create a signature (e.g., the output of a signature function taking as input the data and the private key) and the public key is operable to verify the signature (e.g., the output of a corresponding signature verification function taking as input the signature, the data, and the public key). Thus, a signature verification function provides a verification result that the user who signed the data possesses the private key. Accordingly, the Net ID 271 information for a user may include a User ID Key, which may be a public key, and a User ID, whereby the user can prove ownership of the Net ID 271 by signing the User ID with the private key (e.g., for verification based on the signature, the public key, and the User ID). The User ID can be some data, like a file or digital certificate, cryptographic hash value, key, or other unique identifier.]
authenticating transmitter or receiver, [Col 13, lines 10-20:The electro-mechanical device may include one or more hardware elements like a processor, memory, receiver, transmitter, and the like to receive results for authentication. Some electro-mechanical devices may process the results directly by verification of signature, or transmit the result and receive a response, such as from a server. In either instance, the electro-mechanical device may actuate a mechanism based on a received result.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler with the disclosure of Avetisov. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secure authentication of user/device/transmitter or recoverin. (Col 03, lines 15-40, Avetisov)-  
Regarding claim 15, the claim is interpreted to be same as claim 1 and rejected for the same reasons as set forth for claim 1.

Claim 2 is rejected under 35 USC 103 as being unpatentable over Baessler in view of Avetisov  and Altman ( US20130217332)
Regarding claim 2,although Baessler and Avetisov teach registration data, they do not teach expclitly, however, Altman teaches wherein the registration data comprises additional registration parameters, the additional registration parameters comprising a timestamp, a nonce, device- specific transmitter parameters, or any combination thereof.  [please see para 0425]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler and Avetisov with the disclosure of Altman. The motivation or suggestion would have been to implement a system that will provide efficient techniques for  performing mutual authentication in  a secure, stable and to secure stability and high reliability enviornment6. (paras 0001-0005, Park)

Claim 4 is rejected under 35 USC 103 as being unpatentable over Baessler in view of Avetisov  and  Park (US20190372403)	
Regarding claim 4, although Baessler and Avetisov teach digital certificate, they do not teach, however, Logue teaches wherein the certificate data comprises a checksum.  [please see para 0340]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler and Avetisov with the disclosure of Park. The motivation or suggestion would have been to implement a system that will provide efficient techniques for  performing mutual authentication in  a secure, stable and to secure stability and high reliability enviornment6. (paras 0001-0005, Park)

Claim 5 is rejected under 35 USC 103 as being unpatentable over Baessler in view of Avetisov  and  Logue (US20060212520)
Regarding claim 5,  Avetisov teaches wherein the registration data is calculated by the transmitter, wherein the registration data is formed taking into consideration a timestamp, a nonce, device-specific transmitter parameters, or any combination thereof, [Col 33, lines 20-45] 
Although, Baessler and Avetisov teach registration data, they do not teach explicitly, however, Logue teaches  wherein the registration data is recalculated specifically for a corresponding authentication request message.  [para 0050]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler and Avetisov with the disclosure of Logue. The motivation or suggestion would have been to implement a system that will provide efficient techniques for  performing improved authentication by using checksum. (abstract & para 0016, Logue)

Claim 7 is rejected under 35 USC 103 as being unpatentable over Baessler in view of Avetisov  and  Ribeiro (CN107683582A)
	Regarding claim 7, although Baessler and Avetisob teach password dataset, they do not teach expclitly, however, Ribeiro teaches the password dataset comprises: password generation- specific additional parameters, the digital signature is calculated taking into consideration at least some of the additional parameters, or a combination thereof, and wherein the password generation-specific additional parameters comprise information about a hash algorithm of the digital signature, a padding scheme of the digital signature, a timestamp, or any combination thereof. [please see translated text page  [please see page 05, paragraph 2nd of the attached translated text ]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Baessler and Avetisov with the disclosure of Rebeiro. The motivation or suggestion would have been to implement a system that will provide efficient and improved techniques for performing token/credential sequence based authentication . (abstract & background, Rebeiro)

Following are the prior arts indicated in pto-892 but not used in this instant Office Action:
1.   Falk (US20130010954) discloses a   method transmits a signal using a unidirectional communications link, which is protected by an asymmetric cryptography method. A counter value is incremented by a transmitter during a transmission operation. Subsequently, a challenge is determined by the transmitter on the basis of the counter value and a control command that can be executed by a receiver and, on the basis of the challenge that is determined a response is in turn determined. The challenge and the response are transmitted from the transmitter to the receiver. The challenge received is then checked by the receiver to see whether the counter value used in the challenge is greater than a counter value previously stored by the transmitting transmitter. The response received is checked on the basis of the challenge. Following successful checking of the challenge and response, the control command transmitted in the challenge is executed.
2. Watanabe (US20180248876) discloses a communication terminal includes circuitry to perform a first function and a second function. The second function is performed through a communication with another communication terminal. The circuitry transmits first authentication information used for a first login authentication process of logging into a first server to perform the first function. The first server performs the first login authentication process. The circuitry further transmits second authentication information used for a second login authentication process of logging into a second server to perform the second function in response to result information indicating a success in the first login authentication process. The second server performs the second authentication login process. The second authentication information is different from the first authentication information.     
3.Abe (US20060060065) teaches an information processing system having a first information processing apparatus and a second information processing apparatus connected via a network. The first information processing apparatus comprises first storing means storing music material data constituting music data for playing back music; second storing means storing music composition data describing, for each item of the music material data, playback conditions for music to be played back using the music data; and transmitting means transmitting the music material data or the music composition data to the second information processing apparatus. The second information processing apparatus comprises receiving means receiving the music material data or the music composition data transmitted from the first information processing apparatus; and music data generating means generating music data for playing back music in accordance with the playback conditions described in the music composition data on the basis of the music material data and the music composition data . 
                                             .Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574.  The examiner can normally be reached on Monday-Friday-8:00am - 5:00pm (EST).If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHER A KHAN/Primary Examiner, Art Unit 2497