Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
The present office action is responsive to communications received on 03/22/2021.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 03/22/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Status of Claims
Claims 1-20 are pending.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-4 and 11-14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kim et al. (US 20190253417 A1) hereinafter referred to as Kim.

With respect to claim 1, Kim discloses: A method for device authentication based on a certificate using a Physical Unclonable Function (PUF), performed by an apparatus for device authentication based on a certificate using a PUF, (Kim ¶115-117 disclose generating a certificate of authentication based on a device ID and PUF. The bulk of the invention is summarized in Kim Figs. 3A-3F).
the method comprising: acquiring previously stored first Challenge-Response-Pair (CRP) information corresponding to identification information received from a device that requests authentication and generating a certificate including a public key generated using the first CRP information; (Kim ¶64 “The server 301 and the proposed platform 300 may each generate a signature with its own personal key and have its own public key included in the certificate … The pre-authentication IP 302 may obtain the private key from the VIA-PUF 303 and may transmit a signature generated using the key to the certificate server.” Kim ¶66 and ¶68 disclose a pre-authentication step comprising issuance protocol, which is mapped to the first CRP. Kim ¶83 “the certificate of authentication is shown in FIGS. 3B to 3D as including the ID and public key of the chip and signatures therefor, the signed object and the content of the certificate can further include information such as the issuance authority, period of validity, etc., in addition to the ID and public key of the chip when necessary.”).
transmitting a message in which the certificate encrypted using a first response value of the first CRP information as a server secret key and a first challenge value of the first CRP information are included to the device; (Kim ¶117 “the TSM may generate a certificate of authentication that includes the received public key by applying a signature based on its private key (3307) and may transmit the certificate to the issuing machine, and the issuing machine may transmit this to the chip.” Wherein the Chip is inserted in the device as understood by the examiner from Kim ¶71. Additionally, Kim ¶133 “The TSM may check the validity of the received public key (B) and the validity of the signature (3609 and 3610). Also, by using the received public key (B) of the chip and the temporary private key (a) generated at the TSM, shared secret information (W) may be created, and this may be expanded with a key derivation function to generate shared secret keys (K1, K2, IV) (3611). By using this to decrypt C1, it may be confirmed that the chip has generated the same shared secret keys. The TSM may also transmit information (C2) encrypted with the shared secret keys to the chip (3612).”).
and verifying an encrypted signature message received from the device through a secure channel, thereby authenticating the device. (Kim ¶133, 135 and 139 disclose using signature exchange for successful authentication wherein the data is encrypted thus mapped to a secure channel).

With respect to claim 2, Kim discloses: The method of claim 1, wherein generating the certificate is configured to generate the public key using the first response value as a private key and to generate the certificate including the identification information and the public key. (Kim ¶66 and ¶68 disclose a pre-authentication step comprising issuance protocol comprising a first response. Wherein ¶81-83 disclose generating the public key for the generated certificate including first response value comprising device ID and PUF).

With respect to claim 3, Kim discloses: The method of claim 2, further comprising: generating, by the device, a second response value from the first challenge value using a PUF, and decrypting, by the device, the certificate using the second response value as a device secret key. (Kim ¶115-117 disclose later stage of a “Reissuance protocol” after the pre-authentication stage of generating the public key for the generated certificate including first response value comprising device ID and PUF and Kim ¶133-137 disclose a second handshake wherein the shared secret keys are used to decrypt the data comprising signature and certificate data in C1 and C2 for authentication illustrated in Fig. 3F in particular steps 3608 and 3612 illustrate what C1 and C2 each comprise).

With respect to claim 4, Kim discloses: The method of claim 3, wherein decrypting the certificate is configured such that the device compares the identification information included in the decrypted certificate with the previously stored identification and thereby verifies validity of the certificate. (Kim ¶129-133 disclose decrypting and comparing the certificate data to ensure certificate validity mapped to the authentication).

With respect to claim 11, Kim discloses: An apparatus for device authentication based on a certificate using a Physical Unclonable Function (PUF), (Kim ¶115-117 disclose generating a certificate of authentication based on a device ID and PUF. The bulk of the invention is summarized in Kim Figs. 3A-3F).
comprising: one or more processors; and executable memory for storing at least one program executed by the one or more processors, wherein the at least one program is configured to: acquire previously stored first Challenge-Response-Pair (CRP) information corresponding to identification information received from a device that requests authentication and generate a certificate including a public key generated using the first CRP information; (Kim ¶64 “The server 301 and the proposed platform 300 may each generate a signature with its own personal key and have its own public key included in the certificate … The pre-authentication IP 302 may obtain the private key from the VIA-PUF 303 and may transmit a signature generated using the key to the certificate server.” Kim ¶66 and ¶68 disclose a pre-authentication step comprising issuance protocol, which is mapped to the first CRP. Kim ¶83 “the certificate of authentication is shown in FIGS. 3B to 3D as including the ID and public key of the chip and signatures therefor, the signed object and the content of the certificate can further include information such as the issuance authority, period of validity, etc., in addition to the ID and public key of the chip when necessary.”).
transmit a message in which the certificate encrypted using a first response value of the first CRP information as a server secret key and a first challenge value of the first CRP information are included to the device; (Kim ¶117 “the TSM may generate a certificate of authentication that includes the received public key by applying a signature based on its private key (3307) and may transmit the certificate to the issuing machine, and the issuing machine may transmit this to the chip.” Wherein the Chip is inserted in the device as understood by the examiner from Kim ¶71. Additionally, Kim ¶133 “The TSM may check the validity of the received public key (B) and the validity of the signature (3609 and 3610). Also, by using the received public key (B) of the chip and the temporary private key (a) generated at the TSM, shared secret information (W) may be created, and this may be expanded with a key derivation function to generate shared secret keys (K1, K2, IV) (3611). By using this to decrypt C1, it may be confirmed that the chip has generated the same shared secret keys. The TSM may also transmit information (C2) encrypted with the shared secret keys to the chip (3612).”).
and verify an encrypted signature message received from the device through a secure channel and thereby authenticate the device. (Kim ¶133, 135 and 139 disclose using signature exchange for successful authentication wherein the data is encrypted thus mapped to a secure channel).

With respect to claim 12, Kim discloses: The apparatus of claim 11, wherein the at least one program generates the public key using the first response value as a private key and generates the certificate including the identification information and the public key. (Kim ¶66 and ¶68 disclose a pre-authentication step comprising issuance protocol comprising a first response. Wherein ¶81-83 disclose generating the public key for the generated certificate including first response value comprising device ID and PUF).

With respect to claim 13, Kim discloses: The apparatus of claim 12, wherein the device generates a second response value from the first challenge value using a PUF and decrypts the certificate using the second response value as a device secret key. (Kim ¶115-117 disclose later stage of a “Reissuance protocol” after the pre-authentication stage of generating the public key for the generated certificate including first response value comprising device ID and PUF and Kim ¶133-137 disclose a second handshake wherein the shared secret keys are used to decrypt the data comprising signature and certificate data in C1 and C2 for authentication illustrated in Fig. 3F in particular steps 3608 and 3612 illustrate what C1 and C2 each comprise).

With respect to claim 14, Kim discloses: The apparatus of claim 13, wherein the device compares the identification information included in the decrypted certificate with the previously stored identification information and thereby verifies validity of the certificate. (Kim ¶129-133 disclose decrypting and comparing the certificate data to ensure certificate validity mapped to the authentication).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 5-10 and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kim as applied to claims 1-4 and 11-14 above, and further in view of Wentz et al. (US 20210184864 A1) hereinafter referred to as Wentz.

With respect to claim 5, Kim discloses: The method of claim 3, wherein authenticating the device is configured to communicate with the device through the secure channel, (Kim ¶133, 135 and 139 disclose using signature exchange for successful authentication wherein the data is encrypted thus mapped to a secure channel).
Kim does not explicitly disclose: wherein authenticating the device is configured to communicate with the device through the secure channel, connected based on a preset security protocol.
However, Wentz in an analogous art discloses: wherein authenticating the device is configured to communicate with the device through the secure channel, connected based on a preset security protocol. (Wentz ¶15-17 and ¶45 disclose using TLS, which is mapped to preset security protocol, as a communication channel when verifying a certificate).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kim wherein authenticating the device is configured to communicate with the device through the secure channel, connected based on a preset security protocol as disclosed by Wentz to ensure mutual secure authentication between different devices (see Wentz ¶15-17).

With respect to claim 6, Kim in view of Wentz disclose: The method of claim 5, wherein the encrypted signature message is acquired in such a way that the device encrypts a signature message on the secure channel using the second response value as a private key. (Kim ¶139 discloses a second response step wherein “The signatures exchanged by each other in the procedures above can be used to authenticate each other, and the shared secret keys (K1, K2, IV) may be utilized later when communicating with the TSM as an encryption key” wherein shared secret keys could be mapped to second response value used as a private key to encrypt the signature data).

With respect to claim 7, Kim in view of Wentz disclose: The method of claim 6, wherein authenticating the device is configured to decrypt the encrypted signature message using the public key included in the certificate and to authenticate the device by verifying the decrypted signature message. (Kim ¶129 “the signature applied thereto with the private key of the chip, and information (C1) encrypted with the shared secret keys for a handshake may be transmitted to the TSM (3607 to 3608).” Wherein the TSM, which is the authenticating device, decrypts it such as in Kim ¶133 for verification).

With respect to claim 8, Kim in view of Wentz disclose: The method of claim 7, further comprising: receiving second CRP information from the device through the secure channel and updating the first CRP information to the second CRP information. (Kim Fig. 3F step 3608 illustrates device chip sending to TSM second CRP information to update the CRP information on the TSM. See also Kim ¶129).

With respect to claim 9, Kim in view of Wentz disclose: The method of claim 8, wherein updating the first CRP information is configured such that, when the device is successfully authenticated, the device generates the second CRP information by selecting an update challenge value and generating an update response value from the update challenge value using the PUF. (Kim ¶112-115 disclose when the device comprising the chip requests a signature reissue and is validated by both the device and TSM the device generates in Fig. 3C step 3301 an updated CRP value using PUF).

With respect to claim 10, Kim in view of Wentz disclose: The method of claim 9, wherein updating the first CRP information is configured to receive the second CRP information from the device through the secure channel, to update the first CRP information to the second CRP information, (Kim Fig. 3C steps 3301 to 3308 illustrate updating the CRP information sent from the device chip to the Issuing machine and onto the TSM).
and to reply with information about whether the update is completed to the device. (Kim Fig. 3D illustrates another stage wherein a checkup is done to determine if a renewal is required and as illustrated in steps 3409-3410 the TSM replies with information about whether the update was previously completed successfully or a renewal is required).

With respect to claim 15, Kim discloses: The apparatus of claim 13, wherein the at least one program communicates with the device through the secure channel (Kim ¶133, 135 and 139 disclose using signature exchange for successful authentication wherein the data is encrypted thus mapped to a secure channel).
Kim does not explicitly disclose: wherein the at least one program communicates with the device through the secure channel connected based on a preset security protocol.
However, Wentz in an analogous art discloses: wherein the at least one program communicates with the device through the secure channel connected based on a preset security protocol. (Wentz ¶15-17 and ¶45 disclose using TLS, which is mapped to preset security protocol, as a communication channel when verifying a certificate).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kim wherein authenticating the device is configured to communicate with the device through the secure channel, connected based on a preset security protocol as disclosed by Wentz to ensure mutual secure authentication between different devices (see Wentz ¶15-17).

With respect to claim 16, Kim in view of Wentz disclose: The apparatus of claim 15, wherein the encrypted signature message is acquired in such a way that the device encrypts a signature message on the secure channel using the second response value as a private key. (Kim ¶139 discloses a second response step wherein “The signatures exchanged by each other in the procedures above can be used to authenticate each other, and the shared secret keys (K1, K2, IV) may be utilized later when communicating with the TSM as an encryption key” wherein shared secret keys could be mapped to second response value used as a private key to encrypt the signature data).

With respect to claim 17, Kim in view of Wentz disclose: The apparatus of claim 16, wherein the at least one program decrypts the encrypted signature message using the public key included in the certificate and authenticates the device by verifying the decrypted signature message. (Kim ¶129 “the signature applied thereto with the private key of the chip, and information (C1) encrypted with the shared secret keys for a handshake may be transmitted to the TSM (3607 to 3608).” Wherein the TSM, which is the authenticating device, decrypts it such as in Kim ¶133 for verification).

With respect to claim 18, Kim in view of Wentz disclose: The apparatus of claim 17, wherein the at least one program receives second CRP information from the device through the secure channel and updates the first CRP information to the second CRP information. (Kim Fig. 3F step 3608 illustrates device chip sending to TSM second CRP information to update the CRP information on the TSM. See also Kim ¶129).

With respect to claim 19, Kim in view of Wentz disclose: The apparatus of claim 18, wherein, when the device is successfully authenticated, the device generates the second CRP information by generating an update response value from a previously stored update challenge value using the PUF. (Kim ¶112-115 disclose when the device comprising the chip requests a signature reissue and is validated by both the device and TSM the device generates in Fig. 3C step 3301 an updated CRP value using PUF).

With respect to claim 20, Kim in view of Wentz disclose: The apparatus of claim 19, wherein the at least one program receives the second CRP information from the device through the secure channel, updates the first CRP information to the second CRP information, (Kim Fig. 3C steps 3301 to 3308 illustrate updating the CRP information sent from the device chip to the Issuing machine and onto the TSM).
and replies with information about whether the update is completed to the device. (Kim Fig. 3D illustrates another stage wherein a checkup is done to determine if a renewal is required and as illustrated in steps 3409-3410 the TSM replies with information about whether the update was previously completed successfully or a renewal is required).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HANY S GADALLA whose telephone number is (571)272-2322. The examiner can normally be reached Mon to Fri 8:30AM - 5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/H.S.G./Examiner, Art Unit 2493

/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493