DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 9/2/2022.
In instant Amendment, claims 14 has been newly added; claims 1, 4, 7, 8, 11 and 13 are independent claims. Claims 1-8, 11, 13 and 14 have been examined and are pending. This Action is made Final. 

Response to Arguments
Applicant’s arguments in the Amendment with respect to 35 U.S.C. 102/35 U.S.C. 103 rejection, have been fully considered but they are not persuasive.
A.	3GPP
Application Argues: The Office Action states that 3GPP TS 33.220 teaches, “sending by the user equipment to the authentication server, a key request with a view to communicating with the application server” ...The Applicant respectfully disagrees with this statement. 3GPP TS 33.220 describes a method in which the user equipment sends a key request to the bootstrapping server function BSF. This key request triggers authentication of the user equipment by the bootstrapping server. This bootstrapping server is not an authentication server within the meaning of claim 1. Indeed, in claim 1, the server to which the user equipment sends its key request is the authentication server of the mobile communication, which has already authenticated the user equipment for its access to the mobile network (cf. the first feature of the claimed method "the user equipment authenticating with an authentication server of a mobile communication network, a secret master key being generated, during said authenticating, by the user equipment and the authentication server"). Furthermore, the key request sent to the authentication server does not trigger a new authentication.
Examiner’s Response:  The examiner respectfully disagrees. The examiner notes the BSF as construed from 3GPP does reasonably read on an authentication server.  The examiner notes the UE authenticates with the BSF, as it is needed for interaction with a NAF, see page 26 – 4.5.2 -  Bootstrapping procedure.  So, the UE “begins” authenticating with an authentication server of a mobile communication network (page 27 – 4.5.2 – Bootstrapping procedures -  6. The BSF authenticates the UE) a secret master key being generated, during said authenticating, by the user equipment and the authentication server (page 26 – 4.5.2 – Bootstrapping procedures -  Fig. 4:3 – The Boostrapping Procedure – 7. Ks=CK||IK “at BSF” and 9. Ks=CK||IK “at UE” and page 27 – 4.5.2 – Bootstrapping procedures – 7. The BSF generates key material Ks... and 8. The key material Ks is generated in the UE and 9. Ks_NAF is computed).  The examiner notes on Page 7 – 4.5.2  9. Indicates that both the UE and the BSF use the KS to derive the key material Ks_NAF during the procedures specified in clause 4.5.3 Ks-Shall be used for securing the reference point Ua.  KS_Naf is computed..., similarly to page 26 – 4.5.2 – Bootstrapping procedures... which also refers to 4.5.3.   Thus, the examiner notes KS_NAF being computed as described in 4.5.3 (pp. 28-30), as referenced from 4.5.2/4.5.2. 9, which depicts in FIG. 4.4, p. 30, an UE (Application request w/ B-TID)  → NAF  (Authentication Request w/ B-TID) → BSF.  The examiner notes the interaction between UE → NAF →BSF as 
construed represents the sending by the user equipment to the authentication server, a key request with a view to communicating with the application server as noted on page 26 – 4.5.2 – Bootstrapping procedures – When a UE wants to interact with a NAF, and it knows that the bootstrapping procedure is needed, it shall first perform a bootstrapping authentication (see figure 4.3). Otherwise, the UE shall perform a bootstrapping authentication only when it has received bootstrapping initiation required message or a bootstrapping negotiation indication from the NAF, or when the lifetime of the key in UE has expired (cf. subclause 4.5.3).  Thus by, the initial bootstrapping is performed, per 4.5.2 and further per 4.5.3, FIG. 4.4, p. 30, which depicts UE (Application request w/ B-TID)   → NAF  (Authentication Request w/ B-TID) → BSF.  The examiner notes, reasonably, such an interaction covers sending by the user equipment to the authentication server a key request with a view to communicating with the applications server.  This, “view” is by way of communicating through the NAF.  The examiner suggests to further clarify what Applicant’s position on “view” and how it differs over the construction of the prior art of record.  Therefore the examiner finds this argument not persuasive.
Application Argues: The Office Action states that 3GPP TS 33.220 teaches, "computing said key by using a key derivation function applied to at least a random variable, a user identifier and an identifier of the application server and using the master key, said random variable having been received by the user equipment from the authentication server" ... The Applicant respectfully disagrees with this statement. In the method described in 3GPP TS 33.220, the key is calculated by means of a key derivation function which is applied to the random number RAND which was used during the authentication of the terminal by the boot server. This random number RAND is retrieved by the BSF at step 2 (page 27, step 2 "The BSF retrieves the complete set of GBA user security settings and one Authentication Vector (AV, AV = RANDIIAUTNIIXRESIICKIIIK) over the reference point Zh from the HSS"). This is not a new  random variable received by the user equipment from the authentication server (i.e., "said random variable having been received by the user equipment from the authentication server").  Therefore Claim 1 is not anticipated by 3GPP 33.220, which does not teach or suggest the following combination of features:  sending by the user equipment to the authentication server, a key request with a view to communicating with an application server; and computing said key by using a key derivation function applied to at least a random variable, a user identifier and an identifier of the application server and using the master key, said random variable having been received by the user equipment from the authentication server.
Examiner’s Response:   The examiner respectfully disagrees.  The examiner notes applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., [ This is not a new  random variable received by the user equipment from the authentication server (i.e., "said random variable having been received by the user equipment from the authentication server"). ]) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).  Thus, the examiner notes as reasonably construed the prior art anticipates computing said key by using a key derivation function applied to at least the random variable, a user identifier and an identifier of the application server and using the master key (page 27 – 4.5.2 – Bootstrapping procedures – 3. The BSF forwards the RAND... to the UE and 9. Both the UE and the NSF shall use the Ks to derive the key material KS_NAF during the procedures as specified... Ks_NAF is computed as Ks_NAF (KS..., RAND, IMPI, and NAF_ID), wherein KDF is the key derivation function.... consist of the user’s IMPI, the NAF_ID, and RAND).  The examiner notes the claim does not require it to be a “new” RAND value as argued by Applicant.  Thus, the previous RAND value being used as part of the computation in addition with the user IMPI (i.e., user identifier), NAF_ID (application server identifier), and KS (i.e., master key) in order to compute KS_NAF, is reasonably and anticipates the claim.  The examiner suggests to Applicants to clarify their meaning of random variable and it being “new.” Therefore the examiner finds this argument not persuasive.
Thus, the examiner notes 3GPP TS 33.220, as reasonably construed, anticipates the claim language as argued; therefore, the examiner finds these arguments not persuasive.  
B.	Non-Obviousness
Applicant Argues: Further, one of ordinary skill in the art would not have obtained the claimed method from the method taught in 3GPP TS 33.220, either alone or in combination with Bournelle et al., U.S. Publication No. 2015/0189507 or Yang, U.S. Publication No. 2009/0117877. 
A skilled person trying to simplify the architecture of the mobile communication network and the method for determining a key to secure a communication between a user equipment and an application server and would not have found in 3GPP TS 33.220 any clue that the authentication server of the mobile communication network is involved to determine this key using a secret master key generated during the authentication of the user equipment and a new random variable. 
In fact, the architecture proposed in 3GPP TS 33.220 requires the introduction into the mobile communication network of a bootstrapping server to determine this key and triggers a new authentication by the bootstrapping server and a calculation of the key from the same random variable as that which was used to authenticate the user equipment. 
By contrast an exemplary embodiment of the claimed method... 
For all these reasons, a skilled person would not have reached the claimed invention with respect with 3GPP TS 33.220, and therefore the subject-matter of the present claim 1 is non- obvious. 
Similar arguments apply to the other independent claims, and thus to the respective dependent claims. 
For at least the above-reasons, the Applicant respectfully requests the claim rejections based on 3GPP TS 33.220 be withdrawn.
Examiner’s Response:   The examiner respectfully disagrees. The examiner notes as explained in the remarks found in section A. 3GPP.  The examiner notes as reasonably construed 3GPP anticipates all of Claim 1 as the teachings from 3GPP cover the metes and bounds of the claim as noted above and within the rejection below. Further the bootstrapping server acting as the authentication server, as constructed by the examiner, has been given its broadest reasonable interpretation and thus acts as the aforementioned claimed authentication server.  The examiner suggests to applicant to clarify over how the authentication server is differs from the bootstrapping server within the claim limitations.    The examiner notes further Bournelle and/or Yang would have been combinable to the 3GPP reference to render obvious those respective dependent claims, as motivation was cited for those purported combinations.  Therefore the examiner finds this general argument not persuasive. 





Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 4, 6-8, 11 and 13 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) (Release 15)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 33.220, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE; 650, ROUTE DES LUCIOLES; F-06921 SOPHIA-ANTIPOLIS CEDEX; FRANCE, vol. SA WG3, no. V15.1.0, 4 January 2018 (2018-01-04), pp. 1-93.

Regarding Claim 1;
3GPP discloses a determining method for determining a key to secure a communication between a user equipment and an application server (page. 11 – 3.2 - Abbreviations – NAF – Network Application Function and pg. 26, 4.5.2 – Bootstrapping procedures – “When a UE wants to interact with a NAF... it shall first perform a bootstrapping authentication) said method comprising: 
the user equipment authenticating with an authentication server of a mobile communication network (page 27 – 4.5.2 – Bootstrapping procedures -  6. The BSF authenticates the UE) a secret master key being generated, during said authenticating, by the user equipment and the authentication server (page 26 – 4.5.2 – Bootstrapping procedures -  Fig. 4:3 – The Boostrapping Procedure – 7. Ks=CK||IK “at BSF” and 9. Ks=CK||IK “at UE” and page 27 – 4.5.2 – Bootstrapping procedures – 7. The BSF generates key material Ks... and 8. The key material Ks is generated in the UE and 9. Ks_NAF is computed);
sending by the user equipment to the authentication server, a key request with a view to communicating with the application server (page 26 – 4.5.2 – Bootstrapping procedures – When a UE wants to interact with a NAF, and it knows that the bootstrapping procedure is needed, it shall first perform a bootstrapping authentication (see figure 4.3). Otherwise, the UE shall perform a bootstrapping authentication only when it has received bootstrapping initiation required message or a bootstrapping negotiation indication from the NAF, or when the lifetime of the key in UE has expired (cf. subclause 4.5.3); and
 computing said key by using a key derivation function applied to at least a random variable, a user identifier and an identifier of the application server and using the master key, said random variable having been received by the user equipment from the authentication server (page 27 – 4.5.2 – Bootstrapping procedures – 3. The BSF forwards the RAND... to the UE and 9. Both the UE and the NSF shall use the Ks to derive the key material KS_NAF during the procedures as specified... Ks_NAF is computed as Ks_NAF (KS..., RAND, IMPI, and NAF_ID), wherein KDF is the key derivation function.... consist of the user’s IMPI, the NAF_ID, and RAND).

Regarding Claim 4;
3GPP discloses a determining method for determining a key to secure a communication between a user equipment and an application server (page. 11 – 3.2 - Abbreviations – NAF – Network Application Function and  pg. 26, 4.5.2 – Bootstrapping procedures – “When a UE wants to interact with a NAF... it shall first perform a bootstrapping authentication), said method comprising: 
-5- authenticating the user equipment by an authentication server a mobile communication network (page 27 – 4.5.2 – Bootstrapping procedures -  6. T=The BSF authenticates the UE), a secret master key being generated, during said(page 26 – 4.5.2 – Bootstrapping procedures -  Fig. 4:3 – The Boostrapping Procedure – 7. Ks=CK||IK “at BSF” and 9. Ks=CK||IK “at UE” and page 27 – 4.5.2 – Bootstrapping procedures – 7. The BSF generates key material Ks... and 8. The key material Ks is generated in the UE and 9. Ks_NAF is computed);
receiving by the authentication server a key request that was sent by the user equipment with a view to communicating with the application server (page 26 – 4.5.2 – Bootstrapping procedures – When a UE wants to interact with a NAF, and it knows that the bootstrapping procedure is needed, it shall first perform a bootstrapping authentication (see figure 4.3). Otherwise, the UE shall perform a bootstrapping authentication only when it has received bootstrapping initiation required message or a bootstrapping negotiation indication from the NAF, or when the lifetime of the key in UE has expired (cf. subclause 4.5.3); 
sending a random variable by the authentication server to the user equipment (page 27 – 4.5.2 – Bootstrapping procedures – 3. The BSF forwards the RAND... to the UE).; and
 computing said key by using a key derivation function applied to at least the random variable, a user identifier and an identifier of the application server and using the master key (page 27 – 4.5.2 – Bootstrapping procedures – 3. The BSF forwards the RAND... to the UE and 9. Both the UE and the NSF shall use the Ks to derive the key material KS_NAF during the procedures as specified... Ks_NAF is computed as Ks_NAF (KS..., RAND, IMPI, and NAF_ID), wherein KDF is the key derivation function.... consist of the user’s IMPI, the NAF_ID, and RAND).

Regarding Claim 6;
3GPP discloses the method to Claim 4;
3GPP further discloses further comprising: the authentication server verifying that it the authentication server has computed a key to make a communication between said user equipment and said application server secure, whether or not the random variable is sent to the user equipment depending on said verification (page 26 – 4.5.2 – Bootstrapping procedures -  Fig. 4:3 – The Boostrapping Procedure – 3. Then the BSF forwards the RAND... and 5. Verifying the AKA response and 7. Ks=CK||IK “at BSF” and 9. Ks=CK||IK “at UE” and page 27 – 4.5.2 – Bootstrapping procedures – 7. The BSF generates key material Ks... and 8. The key material Ks is generated in the UE and 9. Ks_NAF is computed).

Regarding Claim(s) 7; claim(s) 7 is/are directed to a/an user equipment associated with the method claimed in claim(s) 1. Claim(s) 7 is/are similar in scope to claim(s) 1, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 8; claim(s) 8 is/are directed to a/an server associated with the method claimed in claim(s) 4. Claim(s) 8 is/are similar in scope to claim(s) 4, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 11; claim(s) 11 is/are directed to a/an medium associated with the method claimed in claim(s) 1. Claim(s) 11 is/are similar in scope to claim(s) 1, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 13; claim(s) 13 is/are directed to a/an medium associated with the method claimed in claim(s) 4. Claim(s) 13 is/are similar in scope to claim(s) 4, and is/are therefore rejected under similar rationale.








Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) (Release 15)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 33.220, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE; 650, ROUTE DES LUCIOLES; F-06921 SOPHIA-ANTIPOLIS CEDEX; FRANCE, vol. SA WG3, no. V15.1.0, 4 January 2018 (2018-01-04), pp. 1-93 in view of Bournelle et al. (US 2015/0189507 A1).

Regarding Claim 2;
3GPP discloses the method to Claim 1;
3GPP fails to explicitly disclose wherein said authenticating is triggered during registration of the user equipment with the mobile communication network.  
However, in an analogous art, Bournelle teaches wherein said authenticating is triggered during registration of the user equipment with the mobile communication network (Bournelle, [0020] - Thus, once this security association message has been received, the terminal is not only attached to the access network, but also has at its disposal a security association parameter, usable for mutual authentication with an application. The procedures for attachment to the network and for setting up a security association are therefore combined within a single procedure, thus reducing the signaling necessary in respect of these two operations).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Bournelle to the authenticating of 3GPP to include wherein said authenticating is triggered during registration of the user equipment with the mobile communication network.
One would have been motivated to combine the teachings of Bournelle to 3GPP to do so as it provides / allows a method of setting up a security association... which requires only a single joint phase of attachment to the network and of security association (i.e., thus reducing: delays during access..., increased complexity, and increased message exchanges) (Bournelle, [0014]-[0015]).






Claim(s) 3 and 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) (Release 15)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 33.220, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE; 650, ROUTE DES LUCIOLES; F-06921 SOPHIA-ANTIPOLIS CEDEX; FRANCE, vol. SA WG3, no. V15.1.0, 4 January 2018 (2018-01-04), pp. 1-93 in view of Yang (US 2009/0117877 A1).

Regarding Claim 3;
3GPP discloses the method to Claim 1;
	3GPP further discloses further comprising:  the user equipment sending, to the application server, an access request (page 25 – 4.5.1. – Initiation of bootstrapping – FIG. 4.2: Initiation of bootstrapping).
3GPP fails to explicitly the user equipment receiving, from the application server, a proof prepared by the authentication server and intended for the user equipment, whether or not the key request is sent depending on a verification said proof by the user equipment.
However, in an analogous art, Yang teaches further comprising:  the user equipment sending, to the application server, an access request (Yang, [0006]); and the user equipment receiving, from the application server, a proof prepared by the authentication server and intended for the user equipment, whether or not the key request is sent depending on a verification said proof by the user equipment (Yang, [0009] - If the BSF has not negotiated with the UE about any available shared key Ks upon reception of the key request of the NAF, then the BSF acquires a set of authentication vectors from the HSS and calculates Ks and Ks_NAF and transmits to the NAF an authentication token (AUTN) in the set of authentication vectors and the derived key Ks_NAF and also possibly a random number (RAND), a Bootstrapping Session Transaction Identifier (B-TID), a lifetime of the derived key Ks_NAF in the authentication vectors, etc. Then, the NAF transmits, in a push message transmitted to the UE, the information of AUTN, RAND, B-TID, NAF Identifier (NAF_ID), etc., and also possibly encrypted data. The UE authenticates the network and calculates the shared key Ks and the derived key Ks_NAF in accordance with the values of AUTN and RAND).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Yang to the access request of 3GPP to include [further comprising:  the user equipment sending, to the application server, an access request]; and the user equipment receiving, from the application server, a proof prepared by the authentication server and intended for the user equipment, whether or not the key request is sent depending on a verification said proof by the user equipment
One would have been motivated to combine the teachings of Yang to 3GPP to do so as it provides / allows generic framework for accomplishing user identity authentication (Yang, [0003]).

Regarding Claim 5;
3GPP discloses the method to Claim 4;
3GPP fails to explicitly disclose further comprising:  the authentication server delivering to the application server a prepared proof intended for the user equipment, said proof being intended to be sent, by the application server, to the user equipment in response to an access request sent by the user equipment, whether or not the key request is sent to the authentication server depending on a verification of said proof by the user equipment.
However, in an analogous art, Yang teaches further comprising:  the authentication server delivering to the application server a prepared proof intended for the user equipment, said proof being intended to be sent, by the application server, to the user equipment in response to an access request sent by the user equipment, whether or not the key request is sent to the authentication server depending on a verification of said proof by the user equipment. (Yang, [0006] and [0009] - If the BSF has not negotiated with the UE about any available shared key Ks upon reception of the key request of the NAF, then the BSF acquires a set of authentication vectors from the HSS and calculates Ks and Ks_NAF and transmits to the NAF an authentication token (AUTN) in the set of authentication vectors and the derived key Ks_NAF and also possibly a random number (RAND), a Bootstrapping Session Transaction Identifier (B-TID), a lifetime of the derived key Ks_NAF in the authentication vectors, etc. Then, the NAF transmits, in a push message transmitted to the UE, the information of AUTN, RAND, B-TID, NAF Identifier (NAF_ID), etc., and also possibly encrypted data. The UE authenticates the network and calculates the shared key Ks and the derived key Ks_NAF in accordance with the values of AUTN and RAND).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Yang to the access request of 3GPP to include further comprising:  the authentication server delivering to the application server a prepared proof intended for the user equipment, said proof being intended to be sent, by the application server, to the user equipment in response to an access request sent by the user equipment, whether or not the key request is sent to the authentication server depending on a verification of said proof by the user equipment..
One would have been motivated to combine the teachings of Yang to 3GPP to do so as it provides / allows generic framework for accomplishing user identity authentication (Yang, [0003]).

Claim(s) 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) (Release 15)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 33.220, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE; 650, ROUTE DES LUCIOLES; F-06921 SOPHIA-ANTIPOLIS CEDEX; FRANCE, vol. SA WG3, no. V15.1.0, 4 January 2018 (2018-01-04), pp. 1-93 in view of Yang (US 2009/0117877 A1) in view of Lee et al. (US 2018/0020351 A1).

Regarding Claim 14;
3GPP discloses the method to Claim 1;
	3GPP fails to explicitly disclose wherein the random variable is unrelated to any random variable used during the authenticating.
	However, in an analogous art, Lee teaches wherein the random variable is unrelated to any random variable used during the authenticating (Lee, [0039] - ... f5′ is a key derivation function and RAND is a random number used for AUTN generation (i.e., AK generation). Alternatively, RAND may be another randomly chosen number by the HSS 215-a. In such a case, RAND may be sent to the UE 115 separately from the RAND in the authentication vector during the authentication. In some examples, key encrypting key (KEK) may be used for AK2 if, for example, the initial serving network authentication is enabled).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Lee to key derivation of 3GPP to include wherein the random variable is unrelated to any random variable used during the authenticating.
One would have been motivated to combine the teachings of Lee to 3GPP to do so as it provides / allows a secure approach foe device authentication (Lee, [0037]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385. The examiner can normally be reached Monday-Friday 10am - 6pm (MDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KARI L SCHMIDT/Primary Examiner, Art Unit 2439