DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present application, filed on March 02, 2022, is accepted.
Claims 1 – 18 are being considered on the merits.

Drawings
The drawings, filed on March 02, 2022, area accepted.

Specification
The specification, filed on March 02, 2022, is accepted.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitations are: 
Claim 1 recites “a sender device configured to send a first plurality of data blocks”
Claim 13 recites “the sender device is further configured to receive a second plurality of data blocks, including second encrypted data blocks and second unencrypted data blocks”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [13], Para. [45]: The sender 1 includes pre-stage data processor 10, a data classifier 11, a security processor 12, a Pseudo Random Number Generator (PRNG) 13, a synchronization controller 14, and a transceiver 16. In addition, the security processor 12 includes a parsing processor 17, a secret key selection unit 18, and a tag generator 19. Thus, as will be described in more detail, the sender 1 includes one or more processors configured to process data and transmit data messages over the communication network 3.

Claim 1 recites “a first sequence generator configured to generate a first sequence of bits having a bit pattern that comprises first bit values and second bit values”
Claim 13 recites “the first sequence generator configured to generate a second sequence of bits having a second bit pattern that comprises the first bit values and the second bit values”
Claim 16 recites “a first sequence generator configured to generate a first sequence of bits having a bit pattern that comprises first bit values and second bit values”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [18], Para. [63]: The synchronization controller 14 and the PRNG 13 may, together, be referred to as a random sequence generator. Similarly, the synchronization controller 24 and the PRNG 23 may, together, be referred to as a random sequence generator and may be identical in configuration to the synchronization controller 14 and the PRNG 13, respectively. The PRNGs 13 and 23 are identical and synchronized with each other. 

Claim 1 recites “a first parsing processor configured to receive the first plurality of data blocks and the first sequence of bits, select a first subset of data blocks and a second subset of data blocks from the first plurality of data blocks based on the bit pattern, output the selected first subset of data blocks to a first signal path, and output the selected second subset of data blocks to a second signal path coupled to an output terminal”
Claim 2 recites “the first sequence generator is configured to associate each of the first plurality of data blocks to a different corresponding bit of the first sequence of bits, extract data blocks from the first plurality of data blocks that are associated with the first bit values to be used as the selected first subset of data blocks, and extract data blocks from the first plurality of data blocks that are associated with the second bit values to be used as the selected second subset of data block”
Claim 9 recites “the first parsing processor configured to receive the second plurality of data blocks and the different sequence of bits, select a third subset of data blocks and a fourth subset of data blocks from the second plurality of data blocks based on the different bit pattern, output the selected third subset of data blocks to the first signal path, and output the selected fourth subset of data blocks to the second signal path coupled to the output terminal”
Claim 13 recites “the first parsing processor configured to receive the second encrypted data blocks and the second unencrypted data blocks, receive the second sequence of bits from the first sequence generator, and parse out the second encrypted data blocks from the second unencrypted data blocks based on the second bit pattern, wherein the sender device further comprises a decryption processor configured to receive the second encrypted data blocks parsed out by the first parsing processor and decrypt the second encrypted data blocks to generate third unencrypted data blocks.”
Claim 15 recites “the first parsing processor configured to associate each of the second plurality of data blocks to a different corresponding bit of the second sequence of bits, extract data blocks from the second plurality of data blocks that are associated with the first bit values of the second sequence of bits as the second encrypted data blocks to be decrypted by the decryption processor, and extract data blocks from the second plurality of data blocks that are associated with the second bit values of the second sequence of bits as the second unencrypted data blocks.”
Claim 16 recites “a first parsing processor configured to receive the first plurality of data blocks, receive the first sequence of bits from the first sequence generator, and parse out the encrypted data blocks from the unencrypted data blocks based on the bit pattern, wherein the first parsing processor is configured to associate each of the first plurality of data blocks to a different corresponding bit of the first sequence of bits, extract data blocks from the first plurality of data blocks that are associated with the first bit values as the encrypted data blocks to be decrypted by the decryption processor, and extract data blocks from the first plurality of data blocks that are associated with the second bit values as the unencrypted data blocks”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [17], Para. [59]: The parsing processor 17 is configured to extract a subset of bits or bytes from the data (i.e., original data or pre-filtered data) based on a randomized intra- message pattern. That is, the randomized intra-message pattern determines which bits or bytes from the data are to be used by the tag generator 18 to generate a checksum value or hash value. In this example, a MAC value is generated using the extracted data subset instead of the entire data message and a selected secret key. Generating the MAC value based on only a subset of the original data may help increase the data throughput of the communication system 100.

Claim 1 recites “an encryption processor configured to encrypt the selected first subset of data blocks received from the first parsing processor to generate encrypted data blocks and output the encrypted data blocks to the output terminal”
Claim 5 recites “the encryption processor is configured to encrypt each data block of the selected first subset of data blocks into ciphertext”
Claim 6 recites “the encryption processor is configured to encrypt each data block of the selected first subset of data blocks into ciphertext”
Claim 9 recites “the encryption processor configured to encrypt the selected third subset of data blocks received from the first parsing processor to generate further encrypted data blocks and output the further encrypted data blocks to the output terminal”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [21], Para. [72]: Once the tag generator 19 generates the MAC, the sender 1 can start preparing the transmission of the data message via the transceiver 16. That data message includes a header in which the TCI provided by the data classifier 11 is included. If pre-filtering was used on the original data message, the pre-filtered data message may transmitted to the receiver 2 instead of the original data message. The transceiver 16may optionally include an encryption processor configured to receive the data message, comprising either original data or pre-filtered data, and encrypt it. The encryption processor may also encrypt the MAC. Thus, in one example, a MAC is produced based on the data message (i.e., the plaintext), and the data message and the MAC are transmitted, unencrypted, to the receiver 2 via the communication network 3.

Claim 1 recites “the output terminal is configured to output the encrypted data blocks and the unencrypted data blocks from the sender device”
Claim 8 recites “the output terminal is configured to output the encrypted data blocks and the unencrypted data blocks from the sender device in a single data stream”
Claim 9 recites “the output terminal is configured to output the further encrypted data blocks and the selected fourth subset of data blocks from the sender device”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [15], Para. [53]: Upon determining the traffic class of the data, the data classifier 11 may transmit the TCI via an output terminal Out1 to the transceiver 16 to be included in the header of the data message. In addition, if the data classifier 11 determines from the selected processing rule set that no further data processing to be performed and that no data authentication is needed, the data classifier 11 may also transmit the data via output terminal Out1 to the transceiver 16, and the transceiver 16 may transmit the data message, including the TCI and the data, to the receiver 2 without an authentication tag (e.g., without a MAC).

Claim 10 recites “a receiver device configured to receive the first plurality of data blocks, which include the encrypted data blocks and the unencrypted data blocks, from the sender device”
Claim 16 recites “A receiver device configured to receive a first plurality of data blocks, which include encrypted data blocks and unencrypted data blocks”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [14], Para. [49]: The receiver 2 includes a security processor 22, a PRNG 23, a synchronization controller 24, a comparison unit 25, and a transceiver 26. In addition, the security processor 22 includes a parsing processor 27, a secret key selection unit 28, and tag generator 29. The comparison unit 2525 generates a validation signal (i.e., a validation result) based on a verification process. Thus, as will be described in more detail, the receiver 2 receives data messages over the communication network 3 and includes one or more processors configured to process the data messages and verify an integrity and/or authenticity thereof.

Claim 10 recites “a second sequence generator configured to generate the first sequence of bits with the bit pattern matching the bit pattern generated by the first sequence generator”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [18], Para. [63]: The synchronization controller 14 and the PRNG 13 may, together, be referred to as a random sequence generator. Similarly, the synchronization controller 24 and the PRNG 23 may, together, be referred to as a random sequence generator and may be identical in configuration to the synchronization controller 14 and the PRNG 13, respectively. The PRNGs 13 and 23 are identical and synchronized with each other. 

Claim 10 recites “a second parsing processor configured to receive the encrypted data blocks and the unencrypted data blocks, receive the first sequence of bits from the second sequence generator, and parse out the encrypted data blocks from the unencrypted data blocks based on the bit pattern”
Claim 11 recites “the second parsing processor is configured to associate each of the first plurality of data blocks to a different corresponding bit of the first sequence of bits, extract data blocks from the first plurality of data blocks that are associated with the first bit values as the encrypted data blocks to be decrypted by the decryption processor, and extract data blocks from the first plurality of data blocks that are associated with the second bit values as the unencrypted data blocks”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [17], Para. [59]: The parsing processor 17 is configured to extract a subset of bits or bytes from the data (i.e., original data or pre-filtered data) based on a randomized intra- message pattern. That is, the randomized intra-message pattern determines which bits or bytes from the data are to be used by the tag generator 18 to generate a checksum value or hash value. In this example, a MAC value is generated using the extracted data subset instead of the entire data message and a selected secret key. Generating the MAC value based on only a subset of the original data may help increase the data throughput of the communication system 100.

Claim 10 recites “a decryption processor configured to receive the encrypted data blocks parsed out by the second parsing processor and decrypt the encrypted data blocks”
Claim 13 recites “a decryption processor configured to receive the second encrypted data blocks parsed out by the first parsing processor and decrypt the second encrypted data blocks to generate third unencrypted data blocks”
Claim 16 recites “a decryption processor configured to receive the encrypted data blocks parsed out by the first parsing processor and decrypt the encrypted data blocks to generate further unencrypted data blocks”
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
Examiner has investigated the specification of the instant application and finds the following:
Page [30], Para. [101]: FIG. 5 shows a block diagram illustrating an example for decrypting a random set of data blocks according to one or more embodiments. In particular, a decryption processor 45 is configured to receive ciphertext provided from a parsing processor, decrypt the ciphertext, and output the plaintext. The ciphertext may be selectively provided by the parsing processor based on a random sequence of bits, as described above in conjunction with FIG. 4


If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 9 and 16 – 18 are rejected under 35 U.S.C. 103 as being unpatentable over US 20150156174 A1 Fahey et al., (hereinafter, “Fahey”) in view of US 20190129888 A1 to Bowman et al., (hereinafter, “Bowman”).
Regarding claim 1, Fahey teaches a communication system, comprising: a sender device configured to send a first plurality of data blocks, the sender device comprising: a first sequence generator configured to generate a first sequence of bits having a bit pattern that comprises first bit values and second bit values; [Fahey, para. 52 discloses the process 500 includes generating 502 a plurality of chunks from a data object. Generating 502 the chunks from the data object may be performed by deconstructing the data object into a plurality of parts that collectively, but not individually, contain all the data of the data object. For example, in some embodiments, the chunks may be generated as sequential subsequences of a sequence of bits that comprises the data object. The subsequences may be configured to have uniform size. Thus, the generated 502 chunks may all have uniform size except for a last sequence of bits if the size of the data object is not evenly divisible by the uniform size.] and an encryption processor configured to encrypt the selected first subset of data blocks received from the first parsing processor to generate encrypted data blocks and output the encrypted data blocks to the output terminal, [Fahey, para. 53 discloses the process 500 includes encrypting 504 the generated chunks. The generated chunks may be encrypted 504 in any suitable manner. In some examples, each chunk is encrypted 504 using a symmetric key cryptographic cypher. That is a cypher that utilizes a cryptographic primitive that takes as input a key that is usable both to encrypt and decrypt. In some embodiments, the cryptographic cypher is non-parallelizable for encryption. In other words, the process of encryption may be configured such that the encryptions of various portions of the chunk cannot be performed by different processors in parallel.] wherein the output terminal is configured to output the encrypted data blocks and the unencrypted data blocks from the sender device [Fahey, para. 19 discloses the data chunks are transmitted to the data storage service in a manner that causes the data storage service to treat the collection of encrypted data chunks (and, in some embodiments, initialization vectors) as a single data object. For example, the data storage service may associate the encrypted data chunks (and possibly initialization vectors) with a single identifier (which may comprise multiple pieces of information such as a logical data container name unique in the data storage system and object identifier unique within the logical data container).], but Fahey does not teach a first parsing processor configured to receive the first plurality of data blocks and the first sequence of bits, select a first subset of data blocks and a second subset of data blocks from the first plurality of data blocks based on the bit pattern, output the selected first subset of data blocks to a first signal path, and output the selected second subset of data blocks to a second signal path coupled to an output terminal; wherein the second signal path bypasses the encryption processor such that the selected second subset of data blocks remain unencrypted data blocks.
However, Bowman does teach a first parsing processor configured to receive the first plurality of data blocks and the first sequence of bits, [Bowman, para. 8 discloses The set of node device identifiers may define a 0-based ascending set of positive integers incremented by a value of 1, and the data of the data set may include partitioned data wherein: the data of the data set is divided into a set of partitions that are each required to be provided to a single node device; each block of data is divided into one or more data sub-blocks that are each individually associated with a partition of the set of partitions; and all data sub-blocks associated with a single partition of the set of partitions must be included within a single block of data.] select a first subset of data blocks and a second subset of data blocks from the first plurality of data blocks based on the bit pattern, output the selected first subset of data blocks to a first signal path, and output the selected second subset of data blocks to a second signal path coupled to an output terminal; [Bowman, para. 353 discloses It is envisioned that actual implementations of such grouping of portions of a data set 2330 are likely to involve considerably larger data sets 2330 divided into a considerably larger quantity of portions among a considerably larger quantity of node devices 2700. It should also be noted that, although these various examples each depict the grouping of encrypted data blocks 2131 of data that is to be stored in encrypted form, other embodiments are possible in which it is data blocks 2130 that are grouped as part of storing data in unencrypted form.] wherein the second signal path bypasses the encryption processor such that the selected second subset of data blocks remain unencrypted data blocks. [Bowman, para. 137 discloses The control device may also store the map block encryption data employed in encrypting the first or only block of the map in unencrypted form within the data file at a predetermined offset from the start of the data file. Alternatively, the map block encryption data for the first or only block of the map may be subjected to an XOR operation to prior to being stored at the predetermined offset to provide at least the appearance of being part of the encrypted data within the data file, thereby effectively hiding it in plain sight to some extent within the data file.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

Regarding claim 2, modified Fahey teaches the communication system of claim 1, but Fahey does not teach wherein the first parsing processor is configured to associate each of the first plurality of data blocks to a different corresponding bit of the first sequence of bits, extract data blocks from the first plurality of data blocks that are associated with the first bit values to be used as the selected first subset of data blocks, and extract data blocks from the first plurality of data blocks that are associated with the second bit values to be used as the selected second subset of data blocks.  
However, Bowman does teach wherein the first parsing processor is configured to associate each of the first plurality of data blocks to a different corresponding bit of the first sequence of bits, extract data blocks from the first plurality of data blocks that are associated with the first bit values to be used as the selected first subset of data blocks, and extract data blocks from the first plurality of data blocks that are associated with the second bit values to be used as the selected second subset of data blocks. [Bowman, para. 8 discloses The set of node device identifiers may define a 0-based ascending set of positive integers incremented by a value of 1, and the data of the data set may include partitioned data wherein: the data of the data set is divided into a set of partitions that are each required to be provided to a single node device; each block of data is divided into one or more data sub-blocks that are each individually associated with a partition of the set of partitions; and all data sub-blocks associated with a single partition of the set of partitions must be included within a single block of data. Para. 353 discloses It is envisioned that actual implementations of such grouping of portions of a data set 2330 are likely to involve considerably larger data sets 2330 divided into a considerably larger quantity of portions among a considerably larger quantity of node devices 2700. It should also be noted that, although these various examples each depict the grouping of encrypted data blocks 2131 of data that is to be stored in encrypted form, other embodiments are possible in which it is data blocks 2130 that are grouped as part of storing data in unencrypted form.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

As per claim 3, modified Fahey teaches the communication system of claim 1, wherein the first sequence generator is a random sequence generator, the first sequence of bits is a random bit sequence, and the bit pattern is a randomized bit pattern comprising a randomized intermixing of the first bit values and the second bit values. [Fahey, para. 52 discloses the process 500 includes generating 502 a plurality of chunks from a data object. Generating 502 the chunks from the data object may be performed by deconstructing the data object into a plurality of parts that collectively, but not individually, contain all the data of the data object. For example, in some embodiments, the chunks may be generated as sequential subsequences of a sequence of bits that comprises the data object. The subsequences may be configured to have uniform size. Thus, the generated 502 chunks may all have uniform size except for a last sequence of bits if the size of the data object is not evenly divisible by the uniform size. Para. 17 discloses An initialization vector may be randomly or pseudorandomly (i.e., stochastically) generated for each data chunk or may be obtained for each data chunk in a non-random manner, such as by using obtaining initialization vectors sequentially from a sequence (e.g., a sequence of integers). The client computer system may also perform other operations on the data chunks in parallel, such as the computation of checksums, application of one or more data compression algorithms on the data chunks and/or other operations.]

As per claim 4, modified Fahey teaches the communication system of claim 1, wherein the sender device further comprises: a memory configured to store the first plurality of data blocks. [Fahey, para. 18 discloses he client computer system may also utilize various parallelization techniques to transfer the data chunks to the data storage service. For example, in some embodiments, the client computer system sends different sets of data chunks to different servers of the data storage service. For instance, the client computer system may submit a separate upload request for each data chunk (or each set of a partitioning of the data chunks into sets). Each request may be initiated using the same service endpoint identifier (e.g., uniform resource locator (URL)) and the data storage service may respond to each initiation with a network address of a server to handle the request. In this manner, data may be transferred to the data storage service to overcome physical limitations of individual servers, such as the rate at which a single server is able to receive incoming data. Each encrypted data chunk may be transmitted to the data storage service with the initialization vector used to encrypt the data chunk, thereby enabling use of the initialization vector for later decryption.]  

As per claim 5, modified Fahey teaches the communication system of claim 1, wherein the encryption processor is configured to encrypt each data block of the selected first subset of data blocks into ciphertext. [Fahey, para. 53 discloses the process 500 includes encrypting 504 the generated chunks. The generated chunks may be encrypted 504 in any suitable manner. In some examples, each chunk is encrypted 504 using a symmetric key cryptographic cypher. That is a cypher that utilizes a cryptographic primitive that takes as input a key that is usable both to encrypt and decrypt. In some embodiments, the cryptographic cypher is non-parallelizable for encryption. In other words, the process of encryption may be configured such that the encryptions of various portions of the chunk cannot be performed by different processors in parallel. For instance, encryption of a chunk may include encrypting subportions, which may be referred to as blocks, of the chunk, where encryption of a block may depend on the result on encryption of a previous block.]

As per claim 6, it recites features similar to features within claims 5, therefore, it is rejected in a similar manner.  
Regarding claim 7, modified Fahey teaches the communication system of claim 6, but Fahey does not teach wherein each data block of the selected second subset of data blocks is output from the output terminal as plaintext. 
However, Bowman does teach wherein each data block of the selected second subset of data blocks is output from the output terminal as plaintext. [Bowman, para. 8 discloses The set of node device identifiers may define a 0-based ascending set of positive integers incremented by a value of 1, and the data of the data set may include partitioned data wherein: the data of the data set is divided into a set of partitions that are each required to be provided to a single node device; each block of data is divided into one or more data sub-blocks that are each individually associated with a partition of the set of partitions; and all data sub-blocks associated with a single partition of the set of partitions must be included within a single block of data. Bowman, para. 353 discloses other embodiments are possible in which it is data blocks 2130 that are grouped as part of storing data in unencrypted form.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

Regarding claim 8, modified Fahey teaches the communication system of claim 1, but Fahey does not teach wherein the output terminal is configured to output the encrypted data blocks and the unencrypted data blocks from the sender device in a single data stream. 
However, Bowman does teach wherein the output terminal is configured to output the encrypted data blocks and the unencrypted data blocks from the sender device in a single data stream. [Bowman, para. 27 discloses transmitting, by the processor component to the control device via the network, an indication of a total size of a first subset of the multiple blocks of data that is stored within the storage of the node device; and receiving, by the processor component from the control device via the network, a block exchange instruction for the node device to participate in a performance of a set of block exchanges in which at least one node device of the multiple node devices serves as a source device to transmit one of the subsets of the multiple blocks of data to another node device of the multiple node devices that serves as a target node device. The method may further include, in response to the block exchange instruction comprising an indication that the node device is to serve as a target node to receive a second subset of the multiple blocks of data from another node device that serves as a source node device in the set of block exchanges, performing operations including: receiving, by the processor component from the source node device via the network, the second subset; storing the second subset in the storage; as part of a registration of the multiple blocks of data by the multiple node devices, transmitting, by the processor component to the control device via the network, an indication of a size of each block of data, or of each sub-block of each block of data, of the first subset and of the second subset, and in an order among the blocks of data of the first subset and the second subset that corresponds to an ordering among the multiple blocks of data that corresponds to the ordering among the multiple node devices;]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

Regarding claim 9, modified Fahey teach the communication system of claim 1, wherein: in response to the communication system being powered on, the first sequence generator is configured to generate a different sequence of bits representative of a different bit pattern, wherein the first sequence generator is configured to change the first sequence of bits to the different sequence of bits to create the different bit pattern, [Fahey, para. 65 discloses in response to the uploaded request, receiving 614 an identifier of a server to process the upload. The upload may then be initiated 616 to the identified server. A determination may then be made 618 whether there are additional chunks to upload and, if determined 618 that there are additional chunks to upload, the process 600 may include generating 608 a next initialization vector and encrypting 610 the next chunk using the encryption key and the next initialization vector. An upload to the identified server may then be initiated 616 and a determination may then be made 618 whether there are additional chunks. If determined that there are additional chunks, certain operations may repeat such as illustrated in FIG. 6 and described above until it is determined 618 that there are no additional chunks to be uploaded. The process 600 may then include monitoring the uploads that have been initiated and therefore making a determination 620 whether all chunks are uploaded repeatedly until determined 620 that all chunks have been uploaded. Once determined 620 that all chunks have been uploaded, the process 600 may include submitting 602 a request to complete the multi-part upload.] wherein the different bit sequence comprises the first bit values and the second bit values arranged according to the different bit pattern, wherein the encryption processor configured to encrypt the selected third subset of data blocks received from the first parsing processor to generate further encrypted data blocks and output the further encrypted data blocks to the output terminal, [Fahey, para. 53 discloses the process 500 includes encrypting 504 the generated chunks. The generated chunks may be encrypted 504 in any suitable manner. In some examples, each chunk is encrypted 504 using a symmetric key cryptographic cypher. That is a cypher that utilizes a cryptographic primitive that takes as input a key that is usable both to encrypt and decrypt. In some embodiments, the cryptographic cypher is non-parallelizable for encryption. In other words, the process of encryption may be configured such that the encryptions of various portions of the chunk cannot be performed by different processors in parallel.]wherein the output terminal is configured to output the further encrypted data blocks and the selected fourth subset of data blocks from the sender device [Fahey, para. 19 discloses the data chunks are transmitted to the data storage service in a manner that causes the data storage service to treat the collection of encrypted data chunks (and, in some embodiments, initialization vectors) as a single data object. For example, the data storage service may associate the encrypted data chunks (and possibly initialization vectors) with a single identifier (which may comprise multiple pieces of information such as a logical data container name unique in the data storage system and object identifier unique within the logical data container).], but Fahey does not teach wherein the first parsing processor configured to receive the second plurality of data blocks and the different sequence of bits, select a third subset of data blocks and a fourth subset of data blocks from the second plurality of data blocks based on the different bit pattern, output the selected third subset of data blocks to the first signal path, and output the selected fourth subset of data blocks to the second signal path coupled to the output terminal, wherein the second signal path bypasses the encryption processor such that the selected fourth subset of data blocks remain unencrypted data blocks.
	However, Bowman does teach wherein the first parsing processor configured to receive the second plurality of data blocks and the different sequence of bits, [Bowman, para. 22 discloses The data of the data set may include partitioned data wherein: the data of the data set is divided into a set of partitions that are each required to be provided to a single node device; each block of data is divided into one or more data sub-blocks that are each individually associated with a partition of the set of partitions; and all data sub-blocks associated with a single partition of the set of partitions must be included within a single block of data. As part of the registration of the multiple blocks of data, the processor component may be caused to transmit, to the control device via the network, an indication of a size and a hashed value indicative of a partition for each data sub-block of each block of data of the first subset and of the second subset.] select a third subset of data blocks and a fourth subset of data blocks from the second plurality of data blocks based on the different bit pattern, output the selected third subset of data blocks to the first signal path, and output the selected fourth subset of data blocks to the second signal path coupled to the output terminal, [Bowman, para. 28 discloses the data of the data set may include partitioned data wherein: the data of the data set is divided into a set of partitions that are each required to be provided to a single node device; each block of data is divided into one or more data sub-blocks that are each individually associated with a partition of the set of partitions; and all data sub-blocks associated with a single partition of the set of partitions must be included within a single block of data. Each partition of the set of partitions may be provided with a unique label of a set of labels; and the control device transmits the set of node device identifiers to the multiple node devices prior to using the set of node device identifiers to distribute the data set among the multiple node devices based on matches between the set of node device identifiers and a set of hashed values derived from the set of labels through dividing a hash value from a hash taken of each label by a quantity of the multiple node devices.] wherein the second signal path bypasses the encryption processor such that the selected fourth subset of data blocks remain unencrypted data blocks. [Bowman, para. 137 discloses The control device may also store the map block encryption data employed in encrypting the first or only block of the map in unencrypted form within the data file at a predetermined offset from the start of the data file. Alternatively, the map block encryption data for the first or only block of the map may be subjected to an XOR operation to prior to being stored at the predetermined offset to provide at least the appearance of being part of the encrypted data within the data file, thereby effectively hiding it in plain sight to some extent within the data file.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

Regarding claim 16, Fahey teaches a receiver device configured to receive a first plurality of data blocks, which include encrypted data blocks and unencrypted data blocks, the receiver device comprising: a first sequence generator configured to generate a first sequence of bits having a bit pattern that comprises first bit values and second bit values; [Fahey, para. 52 discloses the process 500 includes generating 502 a plurality of chunks from a data object. Generating 502 the chunks from the data object may be performed by deconstructing the data object into a plurality of parts that collectively, but not individually, contain all the data of the data object. For example, in some embodiments, the chunks may be generated as sequential subsequences of a sequence of bits that comprises the data object. The subsequences may be configured to have uniform size. Thus, the generated 502 chunks may all have uniform size except for a last sequence of bits if the size of the data object is not evenly divisible by the uniform size.] and a decryption processor configured to receive the encrypted data blocks parsed out by the first parsing processor and decrypt the encrypted data blocks to generate further unencrypted data blocks [Fahey, para. discloses when the data storage service 400 receives a request to the web interface system 402 to retrieve a data object that is stored in the data storage device 412, the data encryption system 408 may obtain encrypted data objects from the data storage devices 412, may decrypt the encrypted data objects and transmit the decrypted data objects to the download staging system 414. The user or another user may transmit a subsequent request to the web interface system 402 to download the data object from the download staging system 414. The download staging system 414 may then provide the data object to the web interface system 402 which then provides the data object to the user that requested the data object. It should be noted that once decrypted by the data encryption system 408 transmission of the data object does not necessarily occur with the data object in plaintext form.], but Fahey does not teach a first parsing processor configured to receive the first plurality of data blocks, receive the first sequence of bits from the first sequence generator, and parse out the encrypted data blocks from the unencrypted data blocks based on the bit pattern, wherein the first parsing processor is configured to associate each of the first plurality of data blocks to a different corresponding bit of the first sequence of bits, extract data blocks from the first plurality of data blocks that are associated with the first bit values as the encrypted data blocks to be decrypted by the decryption processor, and extract data blocks from the first plurality of data blocks that are associated with the second bit values as the unencrypted data blocks.
However, Bowman does teach a first parsing processor configured to receive the first plurality of data blocks, receive the first sequence of bits from the first sequence generator, and parse out the encrypted data blocks from the unencrypted data blocks based on the bit pattern, [Bowman, para. 8 discloses the data of the data set is divided into a set of partitions that are each required to be provided to a single node device; each block of data is divided into one or more data sub-blocks that are each individually associated with a partition of the set of partitions; and all data sub-blocks associated with a single partition of the set of partitions must be included within a single block of data.] wherein the first parsing processor is configured to associate each of the first plurality of data blocks to a different corresponding bit of the first sequence of bits, extract data blocks from the first plurality of data blocks that are associated with the first bit values as the encrypted data blocks to be decrypted by the decryption processor, and extract data blocks from the first plurality of data blocks that are associated with the second bit values as the unencrypted data blocks. [Bowman, para. 27 discloses grouping, by the processor component, the blocks of data of the first subset and the second subset into multiple segments of the data set in an order within each segment of the multiple segments and in an order among the multiple segments that corresponds to the ordering among the multiple blocks of data, wherein each segment of the multiple segments is formed to have a size that meets a minimum threshold size imposed on units of data that are transmitted to one or more storage devices; para. 353 discloses It is envisioned that actual implementations of such grouping of portions of a data set 2330 are likely to involve considerably larger data sets 2330 divided into a considerably larger quantity of portions among a considerably larger quantity of node devices 2700. It should also be noted that, although these various examples each depict the grouping of encrypted data blocks 2131 of data that is to be stored in encrypted form, other embodiments are possible in which it is data blocks 2130 that are grouped as part of storing data in unencrypted form.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

Regarding claim 17, modified Fahey teaches the receiver device of claim 16, but Fahey does not teach further comprising: a memory configured to store the unencrypted data blocks and the further unencrypted data blocks. 
 	However, Bowman does teach further comprising: a memory configured to store the unencrypted data blocks and the further unencrypted data blocks. [Bowman, para. 291 discloses the data set 2330 may be stored in unencrypted form within the data file 2110 by the one or more storage devices 2100 as multiple data blocks 2130]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

Regarding claim 18, Fahey teaches a method of transmitting a plurality of data blocks, the method comprising: generating, at a sender device, a first sequence of bits having a bit pattern comprising first bit values and second bit values; [Fahey, para. 52 discloses generating 502 a plurality of chunks from a data object. Generating 502 the chunks from the data object may be performed by deconstructing the data object into a plurality of parts that collectively, but not individually, contain all the data of the data object. For example, in some embodiments, the chunks may be generated as sequential subsequences of a sequence of bits that comprises the data object. The subsequences may be configured to have uniform size. Thus, the generated 502 chunks may all have uniform size except for a last sequence of bits if the size of the data object is not evenly divisible by the uniform size.] selecting, at the sender device, a first subset of data blocks and a second subset of data blocks from the plurality of data blocks based on the bit pattern, wherein selecting the first subset of data blocks and the second subset of data blocks includes associating each of the plurality of data blocks to a different corresponding bit of the first sequence of bits, [Fahey, para. It should be noted that while various examples of the present disclosure discuss various embodiments in connection with sequences of bits that can be concatenated to generate the data object, other ways of deconstructing a data object into chunks may be performed. For instance, as noted above, a data object may be deconstructed into parts using a redundancy in coding schemes such as erasure coding. A chunk may be one of the generated parts. It should also be noted that while chunks of uniform size except for a remainder chunk are utilized throughout the present disclosure, the techniques described herein are applicable to embodiments that utilize non-uniform chunk size, or where a data chunk of odd size appears in a different (e.g., leading) position in a sequence of bits. For example, the persistent storage of metadata about differing chunk sizes of non-uniformly sized chunks may enable the use of non-uniform chunk size. Other variations are also considered as being within the scope of the present disclosure.] extract data blocks from the plurality of data blocks that are associated with the first bit values to be used as the selected first subset of data blocks, and extract data blocks from the plurality of data blocks that are associated with the second bit values to be used as the selected second subset of data blocks; [Fahey, para. 18 discloses the client computer system may submit a separate upload request for each data chunk (or each set of a partitioning of the data chunks into sets). Each request may be initiated using the same service endpoint identifier (e.g., uniform resource locator (URL)) and the data storage service may respond to each initiation with a network address of a server to handle the request. In this manner, data may be transferred to the data storage service to overcome physical limitations of individual servers, such as the rate at which a single server is able to receive incoming data. Each encrypted data chunk may be transmitted to the data storage service with the initialization vector used to encrypt the data chunk, thereby enabling use of the initialization vector for later decryption.]providing the selected first subset of data blocks to a first signal path of the sender device; [Fahey, para. 18 discloses the client computer system may submit a separate upload request for each data chunk (or each set of a partitioning of the data chunks into sets). Each request may be initiated using the same service endpoint identifier (e.g., uniform resource locator (URL)) and the data storage service may respond to each initiation with a network address of a server to handle the request.] providing the selected second subset of data blocks to a second signal path of the sender device, the second signal path being coupled to an output terminal of the of the sender device; [Fahey, para. 18 discloses the client computer system may submit a separate upload request for each data chunk (or each set of a partitioning of the data chunks into sets). Each request may be initiated using the same service endpoint identifier (e.g., uniform resource locator (URL)) and the data storage service may respond to each initiation with a network address of a server to handle the request.] encrypting, at the sender device, the selected first subset of data blocks to generate encrypted data blocks and outputting the encrypted data blocks to the output terminal, [Fahey, para. 53 discloses he process 500 includes encrypting 504 the generated chunks. The generated chunks may be encrypted 504 in any suitable manner. In some examples, each chunk is encrypted 504 using a symmetric key cryptographic cypher. That is a cypher that utilizes a cryptographic primitive that takes as input a key that is usable both to encrypt and decrypt. In some embodiments, the cryptographic cypher is non-parallelizable for encryption. In other words, the process of encryption may be configured such that the encryptions of various portions of the chunk cannot be performed by different processors in parallel.] and transmitting the encrypted data blocks and the unencrypted data blocks from the sender device at the output terminal. [Fahey, para. 19 discloses the data chunks are transmitted to the data storage service in a manner that causes the data storage service to treat the collection of encrypted data chunks (and, in some embodiments, initialization vectors) as a single data object. For example, the data storage service may associate the encrypted data chunks (and possibly initialization vectors) with a single identifier (which may comprise multiple pieces of information such as a logical data container name unique in the data storage system and object identifier unique within the logical data container).], but Fahey does not teach wherein the second signal path bypasses the encryption such that the selected second subset of data blocks remain unencrypted data blocks.
However, Bowman does teach wherein the second signal path bypasses the encryption such that the selected second subset of data blocks remain unencrypted data blocks. [Bowman, para. 137 discloses The control device may also store the map block encryption data employed in encrypting the first or only block of the map in unencrypted form within the data file at a predetermined offset from the start of the data file. Alternatively, the map block encryption data for the first or only block of the map may be subjected to an XOR operation to prior to being stored at the predetermined offset to provide at least the appearance of being part of the encrypted data within the data file, thereby effectively hiding it in plain sight to some extent within the data file.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Bowman’s system with Fahey’s system, with a motivation to improve distributed encryption, storage, retrieval and/or decryption of a data set processed by multiple node devices. A data set may be stored within a single data file for relatively long term storage (also commonly referred to as “persisted”) in a distributed manner among one or more storage devices. The data of the data set may be divided into multiple data blocks and/or data sub-blocks within the data file in a manner that correlates to the manner in which portions of the data set are distributed among multiple node devices during processing. [Bowman, para. 126]

Allowable Subject Matter
Claims 10 – 15 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893. The examiner can normally be reached Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/P.P./Patent Examiner, Art Unit 2434                                                                                                                                                                                                        /KAMBIZ ZAND/Supervisory Patent Examiner, Art Unit 2434