DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This initial written action is responding to the communication dated on 12/12/2013.
Claims 1-20 are submitted for examination.
Claims 1-20 are pending.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Priority
This application, filed on September 08, 2021, claims priority to continuing application 16/203,290, filed on November 11, 2018.
Information Disclosure Statement
The following Information Disclosure Statements in the instant application were submitted in compliance with the provisions of 37 CFR 1.97 and thus have been fully considered:
IDS filed on 30 November 2021.
IDS filed on 20 November 2021.
Examiner’s Note
Independent Claim 1, which is a system claim, recites a processor and computer readable media. A processor can be a virtual processor. Computer readable media can be a signal; however, paragraph 61 of the specification clearly indicates that computer storage media does not comprise signals per se. Thus Claims 1-7 are in compliance with 35 U.S.C. 101. Claim 8 recites computer storage media storing computer-usable instructions. Claims 8-14 are also in compliance with 35 U.S.C. 101 per paragraph 61 of the specification.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-2, 4-9, 11-16 and 18-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 4-5, 8-9, 12 and 15-16 of U.S. Patent No. 11,128,459. Although the claims at issue are not identical, they are not patentably distinct from each other. Please see the table below.

Instant Application 17/469,285: MITIGATING SERVICE DISRUPTIONS IN KEY MAINTENANCE
U.S. Patent No. 11,128,459 (App. No. 16/203,290): MITIGATING SERVICE DISRUPTIONS IN KEY MAINTENANCE

1
A system for encrypting messages, the system comprising: at least one processor; and computer readable media storing computer-readable instructions that when executed by the at least one processor, cause the at least one processor to: encrypt messages using a first working cryptogram generated based on a first master key of hardware security modules (HSMs), wherein the HSMs are initially configured to decrypt the encrypted messages using the first working cryptogram; communicate the encrypted messages to the HSMs; receive a second working cryptogram being generated based on a second master key replacing the first master key on a subset of the HSMs; encrypt subsequent messages using the second working cryptogram; and communicate the subsequent encrypted messages to the HSMs, wherein a subset of the HSMs is reconfigured to decrypt the subsequent messages encrypted by the second working cryptogram while a remaining subset of the HSMs continues to decrypt the encrypted messages encrypted using the first working cryptogram, wherein the subset of the HSMs comprises at least one HSM of the HSMs and the remaining subset of the HSMs comprises at least one different HSM of the HSMs, the subset of the HSMs and the remaining subset of the HSMs being concurrently employed.
15
A computerized system comprising: one or more processors; and one or more computer storage media storing computer-usable instructions that, when used by the one or more processors, cause the one or more processors to: employ hardware security modules (HSMs) to decrypt messages being communicated from a client device, wherein the messages being communicated are encrypted with a first working cryptogram generated based on a first master key of the HSMs; generate a notification that includes a second working cryptogram, the second working cryptogram being generated based on a second master key that replaced the first master key on a first subset of the HSMs, wherein a transmission of the generated notification to the client device causes the client device to encrypt the messages being communicated with the included second working cryptogram; and based at least in part on the transmission of the generated notification, employing the first subset of the HSMs to decrypt a communicated message encrypted with the second working cryptogram while a remaining subset of the HSMs is employed to decrypt another communicated message encrypted with the first working cryptogram, the another communicated message encrypted with the first working cryptogram being communicated before the client device was caused to encrypt the messages with the second working cryptogram, wherein the first subset of the HSMs comprises at least one HSM and the remaining subset of the HSMs comprises at least one different HSM, the first subset of the HSMs and the remaining subset of the HSMs being concurrently employed.
 
2
The system of claim 1, wherein the remaining subset of HSMs is reconfigured while the encrypted messages of the first working cryptogram are being communicated.
16
The system of claim 15, wherein the transmission of the generated notification to the client device causes the client device to encrypt the messages being communicated with the included second working cryptogram while previously-provisioned messages from the client device are inflight and are encrypted with the first working cryptogram.
 
4
The system of claim 1, further comprising: determine a failure of a cryptographic operation associated with the subsequent encrypted messages of the second working cryptogram; and based on the failure, employ the first working cryptogram as a fallback working cryptogram to communicate additional encrypted messages encrypted using the first working cryptogram.
9
The non-transitory computer storage medium of claim 8, wherein the working key encrypted with the first master key is employed to decrypt a communicated message based on a determination that the working key encrypted with the second master key fails to decrypt the message.
 
5
The system of claim 1, further comprising: receive a new uniform resource identifier (URI) associated with the received second working cryptogram; and modify an existing URI mapped to a first address and used for communicating the encrypted messages of the first working cryptogram to include the new URI, the new URI mapped to a second address and used for communicating the subsequent encrypted messages of the second working cryptogram.
4
The computer-implemented method of claim 1, wherein the messages are being communicated to a URI that is mapped to a first address of the server device for receiving the communicated messages encrypted with the first working cryptogram, and wherein the mapped URI is modified based on the transmitted notification, the modified URI being mapped to a second address of the server device for receiving the communicated messages encrypted with the second working cryptogram.
 
6
The system of claim 5, wherein the remaining subset of the HSMs is employed to decrypt the encrypted messages of the first working cryptogram based on the encrypted messages being received via the first address, and the subset of the HSMs is employed to decrypt the subsequent encrypted messages based on the subsequent encrypted messages being received via the second address.
5
The computer-implemented method of claim 4, wherein the subset of the HSMs is selected for employment based on a communicated message being received via the first address, and the remaining subset of the HSMs is selected for employment based on the communicated message being received via the second address.
 
7
The system of claim 1, wherein inactivity associated with the first master key causes de-provisioning of the first working cryptogram.
12
The non-transitory computer storage medium of claim 10, the operations further comprising: de-provisioning the first working cryptogram based at least in part on a determined inactivity associated with the first master key.
 
8
One or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations for encrypting messages, the operations comprising: encrypting messages using a first working cryptogram generated based on a first master key of hardware security modules (HSMs), wherein the HSMs are initially configured to decrypt the encrypted messages using the first working cryptogram; communicating the encrypted messages to the HSMs; receiving a second working cryptogram being generated based on a second master key replacing the first master key on a subset of the HSMs; encrypting subsequent messages using the second working cryptogram; and communicating the subsequent encrypted messages to the HSMs, wherein a subset of the HSMs is reconfigured to decrypt the subsequent messages encrypted by the second working cryptogram while a remaining subset of the HSMs continues to decrypt the encrypted messages encrypted using the first working cryptogram, wherein the subset of the HSMs comprises at least one HSM of the HSMs and the remaining subset of the HSMs comprises at least one different HSM of the HSMs, the subset of the HSMs and the remaining subset of the HSMs being concurrently employed.
8
A non-transitory computer storage medium storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising: employing a working key encrypted with a first master key stored on hardware security modules (HSMs) to decrypt messages being communicated from a client device, wherein the messages being communicated are each encrypted with a first working cryptogram generated based on the working key being encrypted with the first master key; generating a notification that includes a second working cryptogram, wherein the second working cryptogram was generated based on the working key being encrypted with a second master key, the second master key replacing the first master key on a first subset of the HSMs; causing the messages being communicated to each to be encrypted with the included second working cryptogram based on a transmission of the generated notification to the client device; and concurrently employing the working key encrypted with the second master key on the first subset of the HSMs and the working key encrypted with the first master key stored on a remaining subset of the HSMs to decrypt the communicated messages, wherein the first subset of the HSMs comprises at least one HSM and the remaining subset of the HSMs comprises at least one different HSM.
 
9
The computer storage media of claim 8, wherein the remaining subset of HSMs is reconfigured while the encrypted messages of the first working cryptogram are being communicated.
16
The system of claim 15, wherein the transmission of the generated notification to the client device causes the client device to encrypt the messages being communicated with the included second working cryptogram while previously-provisioned messages from the client device are inflight and are encrypted with the first working cryptogram.
 
11
The computer storage media of claim 8, further comprising: determining a failure of a cryptographic operation associated with the subsequent encrypted messages of the second working cryptogram; and based on the failure, employing the first working cryptogram as a fallback working cryptogram to communicate additional encrypted messages encrypted using the first working cryptogram.
9
The non-transitory computer storage medium of claim 8, wherein the working key encrypted with the first master key is employed to decrypt a communicated message based on a determination that the working key encrypted with the second master key fails to decrypt the message.
 
12
The computer storage media of claim 8, further comprising: receiving a new uniform resource identifier (URI) associated with the received second working cryptogram; and modifying an existing URI mapped to a first address and used for communicating the encrypted messages of the first working cryptogram to include the new URI, the new URI mapped to a second address and used for communicating the subsequent encrypted messages of the second working cryptogram.
4
The computer-implemented method of claim 1, wherein the messages are being communicated to a URI that is mapped to a first address of the server device for receiving the communicated messages encrypted with the first working cryptogram, and wherein the mapped URI is modified based on the transmitted notification, the modified URI being mapped to a second address of the server device for receiving the communicated messages encrypted with the second working cryptogram.
 
13
The computer storage media of claim 12, wherein the remaining subset of the HSMs is employed to decrypt the encrypted messages of the first working cryptogram based on the encrypted messages being received via the first address, and the subset of the HSMs is employed to decrypt the subsequent encrypted messages based on the subsequent encrypted messages being received via the second address.
5
The computer-implemented method of claim 4, wherein the subset of the HSMs is selected for employment based on a communicated message being received via the first address, and the remaining subset of the HSMs is selected for employment based on the communicated message being received via the second address.
 
14
The computer storage media of claim 8, wherein inactivity associated with the first master key causes de-provisioning of the first working cryptogram.
12
The non-transitory computer storage medium of claim 10, the operations further comprising: de-provisioning the first working cryptogram based at least in part on a determined inactivity associated with the first master key.
 
15
A computer-implemented method performed by one or more computer processors, the method comprising: encrypting messages using a first working cryptogram generated based on a first master key of hardware security modules (HSMs), wherein the HSMs are initially configured to decrypt the encrypted messages using the first working cryptogram; communicating the encrypted messages to the HSMs; receiving a second working cryptogram being generated based on a second master key replacing the first master key on a subset of the HSMs; encrypting subsequent messages using the second working cryptogram; and communicating the subsequent encrypted messages to the HSMs, wherein a subset of the HSMs is reconfigured to decrypt the subsequent messages encrypted by the second working cryptogram while a remaining subset of the HSMs continues to decrypt the encrypted messages encrypted using the first working cryptogram, wherein the subset of the HSMs comprises at least one HSM of the HSMs and the remaining subset of the HSMs comprises at least one different HSM of the HSMs, the subset of the HSMs and the remaining subset of the HSMs being concurrently employed.
1
A computer-implemented method for changing cryptographic keys in high-frequency transaction environments, the method comprising: employing, by a server device, hardware security modules (HSMs) coupled to the server device to decrypt messages being communicated from a client device, wherein the messages being communicated are encrypted with a first working cryptogram generated based on a first master key of the HSMs; generating, by the server device, a notification that includes a second working cryptogram for transmission to the client device, wherein the second working cryptogram is generated based on a second master key replacing the first master key on a subset of the HSMs; and causing, by the server device, the messages being communicated from the client device to be encrypted with the included second working cryptogram based on the transmitted notification, the subset of the HSMs being employed to decrypt the communicated messages encrypted with the included second working cryptogram while a remaining subset of the HSMs is employed to decrypt the communicated messages encrypted with the first working cryptogram, wherein the subset of the HSMs comprises at least one HSM and the remaining subset of the HSMs comprises at least one different HSM, the subset of the HSMs and the remaining subset of the HSMs being concurrently employed, and wherein the remaining subset of the HSMs is employed to decrypt at least one message communicated before the messages were caused to be encrypted with the second working cryptogram.
 
16
The computer-implemented method of claim 15, wherein the remaining subset of HSMs is reconfigured while the encrypted messages of the first working cryptogram are being communicated.
16
The system of claim 15, wherein the transmission of the generated notification to the client device causes the client device to encrypt the messages being communicated with the included second working cryptogram while previously-provisioned messages from the client device are inflight and are encrypted with the first working cryptogram.
 
18
The computer-implemented method of claim 15, further comprising: determining a failure of a cryptographic operation associated with the subsequent encrypted messages of the second working cryptogram; and based on the failure, employing the first working cryptogram as a fallback working cryptogram to communicate additional encrypted messages encrypted using the first working cryptogram.
9
The non-transitory computer storage medium of claim 8, wherein the working key encrypted with the first master key is employed to decrypt a communicated message based on a determination that the working key encrypted with the second master key fails to decrypt the message.
 
19
 The computer-implemented method of claim 15, further comprising: receiving a new uniform resource identifier (URI) associated with the received second working cryptogram; and modifying an existing URI mapped to a first address and used for communicating the encrypted messages of the first working cryptogram to include the new URI, the new URI mapped to a second address and used for communicating the subsequent encrypted messages of the second working cryptogram.
4
The computer-implemented method of claim 1, wherein the messages are being communicated to a URI that is mapped to a first address of the server device for receiving the communicated messages encrypted with the first working cryptogram, and wherein the mapped URI is modified based on the transmitted notification, the modified URI being mapped to a second address of the server device for receiving the communicated messages encrypted with the second working cryptogram.
 
20
The computer-implemented method of claim 19, wherein the remaining subset of the HSMs is employed to decrypt the encrypted messages of the first working cryptogram based on the encrypted messages being received via the first address, and the subset of the HSMs is employed to decrypt the subsequent encrypted messages based on the subsequent encrypted messages being received via the second address.
5
The computer-implemented method of claim 4, wherein the subset of the HSMs is selected for employment based on a communicated message being received via the first address, and the remaining subset of the HSMs is selected for employment based on the communicated message being received via the second address.
 



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-3, 8-10 and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over Roth et al. (US PGPUB. # US 2017/0134348, hereinafter “Roth”), and further in view of Rubin et al. (US PGPUB. # US 2020/0396070, hereinafter “Rubin”, priority based on continuation application filed on 12/3/2015).

Referring to Claims 1, 8 and 15:
Regarding Claim 1, Roth teaches,
A system for encrypting messages, the system comprising: at least one processor (¶44); and 
computer readable media storing computer-readable instructions that when executed by the at least one processor, cause the at least one processor to: (¶44)
encrypt messages using a first working cryptogram generated based on a first master key of hardware security modules (HSMs), (Fig. 3, ¶41, “the cryptographic service can send a plaintext version of the envelope key as well as and the encrypted envelope key to the data service frontend. The data service can then use the plaintext version of the envelope key to encrypt the plaintext (i.e., the data associated with the encryption request) and cause the envelope key to be stored in persistent storage in association with an identifier for the master key used to encrypt the envelope key”, Fig. 4(412), ¶47, “the process 400 includes performing 412 one or more cryptographic operations that result in the plaintext being encrypted”, i.e. messages are encrypted with envelope key (first working cryptogram) that is generated with a master key) wherein the HSMs are initially configured to decrypt the encrypted messages using the first working cryptogram; (¶50, “decrypt the ciphertext using an appropriate key (which may be identified to the cryptography service by the data service frontend), and provide the decrypted ciphertext (plaintext) to the data service frontend”, Fig. 6(614), ¶52, “decrypt the envelope key. The decrypted envelope key can be sent back to the data service, which can use the key to decrypt the encrypted plaintext”, i.e. messages are decrypted)
communicate the encrypted messages to the HSMs; (¶53, “the ciphertext may be provided to a cryptography service such as the cryptography service described above in connection with FIG. 5”, i.e. ciphertext (encrypted messages) are communicated to the cryptographic service (HSMs)).
receive a second working cryptogram (¶59, “the data service frontend may receive the envelope key and the KeyID for the master key used to encrypt the envelope key from the cryptography service with any other relevant information, such as authentication proof”, i.e. data service front end (client device) receives an envelope key (second cryptogram)) being generated based on a second master key replacing the first master key on a subset of the HSMs; (Fig. 8(814), ¶58, “the process 800 also includes generating 814 a key, such as an envelope key”, ¶60, “The key under which the data object is encrypted (e.g., the master key) may be made inaccessible in any suitable manner. In some embodiments this is achieved by storing it in memory accessible only to the cryptographic service. In some other embodiments this can be achieved by storing the master key in a hardware or other security module or otherwise under the protection of a hardware or other security module”, i.e. second master key replaces first master key in HSMs).
encrypt subsequent messages using the second working cryptogram; (Fig. 8(816), ¶59, “the process 800 includes using 816 the generated key to encrypt a data object. For example, in an embodiment where the cryptographic service generates the key, the cryptographic service can provide the key, the KeyID, and an encrypted copy of the key to the data service. For example, referring to FIG. 7, the data service frontend may receive the envelope key and the KeyID for the master key used to encrypt the envelope key from the cryptography service with any other relevant information, such as authentication proof. The plaintext copy of the encryption key may then be used to encrypt the data object”, i.e. messages are encrypted with second key (cryptogram)) and communicate the subsequent encrypted messages to the HSMs, wherein a subset of the HSMs is reconfigured to decrypt the subsequent messages encrypted by the second working cryptogram (Fig. 10(1018), ¶63, “The data object may then be decrypted 1018 using the decrypted envelope key. The decrypted data object may then be provided 1020 to the requestor”, i.e. messages are decrypted with second envelope key (cryptogram)) while a remaining subset of the HSMs continues to decrypt the encrypted messages encrypted using the first working cryptogram, (¶50, “decrypt the ciphertext using an appropriate key (which may be identified to the cryptography service by the data service frontend), and provide the decrypted ciphertext (plaintext) to the data service frontend”, Fig. 6(614), ¶52, “decrypt the envelope key. The decrypted envelope key can be sent back to the data service, which can use the key to decrypt the encrypted plaintext”, i.e. messages are decrypted with first envelope key indicates that messages are encrypted with first envelope key (first cryptogram)). 
[wherein the subset of the HSMs comprises at least one HSM of the HSMs and the remaining subset of the HSMs comprises at least one different HSM of the HSMs, the subset of the HSMs and the remaining subset of the HSMs being concurrently employed].
Roth does not teach explicitly,
wherein the subset of the HSMs comprises at least one HSM of the HSMs and the remaining subset of the HSMs comprises at least one different HSM of the HSMs, the subset of the HSMs and the remaining subset of the HSMs being concurrently employed.
However, Rubin teaches,
wherein the subset of the HSMs comprises at least one HSM of the HSMs and the remaining subset of the HSMs comprises at least one different HSM of the HSMs, the subset of the HSMs and the remaining subset of the HSMs being concurrently employed. (Fig. 1(104, 106, 108), ¶32, “The HSM fleet includes a first HSM 104, a second HSM 106, and a third HSM 108”, Fig. 3 (304, 306, 308), ¶46, i.e. Examiner submits that HSM 104, HSM 106 and HSM 108 are subsets of the HSMs and that HSM 104 is different from HSM 106 or HSM 108).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Rubin with the invention of Roth.
Roth teaches a subset of HSMs decrypting messages received with a second encryption key while a remaining subset of HSMs decrypts messages encrypted with a first encryption key. Rubin teaches a subset of HSMs having a first HSM and a second HSM different from the first HSM. Therefore, it would have been obvious to combine Rubin's subset of HSMs, having a first HSM and a second HSM different from the first HSM, with Roth's subset of HSMs decrypting messages received with the second encryption key while the remaining subset of HSMs decrypts messages encrypted with the first encryption key, in order to decrypt messages encrypted with the old key during a key rotation. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 8, it is a computer storage media claim of above system Claim 1 and therefore Claim 8 is rejected with the same rationale as applied against Claim 1 above.

Regarding Claim 15, it is a computer implemented method claim of above system Claim 1 and therefore Claim 15 is rejected with the same rationale as applied against Claim 1 above.

Referring to Claims 2, 9 and 16:
Regarding Claim 2, rejection of Claim 1 is included and for the same motivation Roth teaches,
The system of claim 1, wherein the remaining subset of HSMs is reconfigured (¶90, “key rotation is performed. Key rotation may involve replacing keys with other keys to prevent collection of enough decrypted data to allow practical cracking of a cipher used”, i.e. subset of HSM is configured to receive a new key) while the encrypted messages of the first working cryptogram are being communicated. (Fig. 3, ¶41, “the cryptographic service can send a plaintext version of the envelope key as well as and the encrypted envelope key to the data service frontend. The data service can then use the plaintext version of the envelope key to encrypt the plaintext (i.e., the data associated with the encryption request) and cause the envelope key to be stored in persistent storage in association with an identifier for the master key used to encrypt the envelope key”, Fig. 4(412), ¶47, “the process 400 includes performing 412 one or more cryptographic operations that result in the plaintext being encrypted”, i.e. messages are encrypted with envelope key (first working cryptogram) that is generated with a master key).

Regarding Claim 9, rejection of Claim 8 is included and Claim 9 is rejected with the same rationale as applied against Claim 2 above.

Regarding Claim 16, rejection of Claim 15 is included and Claim 16 is rejected with the same rationale as applied against Claim 2 above.

Referring to Claims 3, 10 and 17:
Regarding Claim 3, rejection of Claim 1 is included and for the same motivation Roth teaches,
The system of claim 1, wherein the remaining subset of the HSMs is employed to decrypt at least one of the encrypted messages of the first working cryptogram communicated prior to receiving the second working cryptogram. (¶50, “decrypt the ciphertext using an appropriate key (which may be identified to the cryptography service by the data service frontend), and provide the decrypted ciphertext (plaintext) to the data service frontend”, Fig. 6(614), ¶52, “decrypt the envelope key. The decrypted envelope key can be sent back to the data service, which can use the key to decrypt the encrypted plaintext”, ¶90, “The old key may remain identified by the KeyID, but may, for instance, be only used for decryption (of data that has already been encrypted using the old key) and not for future encryption”, i.e. messages are decrypted with first envelope key indicates that messages are encrypted with first envelope key (first cryptogram), while new key (second working cryptogram) is being received).

Regarding Claim 10, rejection of Claim 8 is included and Claim 10 is rejected with the same rationale as applied against Claim 3 above.

Regarding Claim 17, rejection of Claim 15 is included and Claim 17 is rejected with the same rationale as applied against Claim 3 above.

Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Roth et al. (US PGPUB. # US 2017/0134348, hereinafter “Roth”), and further in view of Rubin et al. (US PGPUB. # US 2020/0396070, hereinafter “Rubin”, priority based on continuation application filed on 12/3/2015), and further in view of Ja Yee et al. (US PGPUB. # US 2019/0245687, hereinafter “Ja”).

Referring to Claims 4, 11 and 18:
Regarding Claim 4, rejection of Claim 1 is included and combination of Roth and Rubin does not teach explicitly,
The system of claim 1, further comprising: 
determine a failure of a cryptographic operation associated with the subsequent encrypted messages of the second working cryptogram; and 
based on the failure, employ the first working cryptogram as a fallback working cryptogram to communicate additional encrypted messages encrypted using the first working cryptogram.
However, Ja teaches,
The system of claim 1, further comprising: 
determine a failure of a cryptographic operation associated with the subsequent encrypted messages of the second working cryptogram; (¶36, “if decryption with the new group session transport encryption key fails”, i.e. cryptographic operation fails with new group session key (second working cryptogram)) and 
based on the failure, employ the first working cryptogram as a fallback working cryptogram to communicate additional encrypted messages encrypted using the first working cryptogram. (¶36, “the master may attempt to decrypt an incoming message using the new group session transport encryption key and decrypt the incoming message using the current group session transport encryption key if decryption with the new group session transport encryption key fails”, i.e. message is decrypted with current group session key (first master key) when new group session key (second master key) fails to decrypt the message).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Ja with the invention of Roth in view of Rubin.
Roth in view of Rubin teaches that a subset of HSMs decrypts messages received with a second encryption key while the remaining subset of HSMs decrypts messages encrypted with a first encryption key, where the subset of HSMs has a first HSM and a second HSM different than the first HSM. Ja teaches decrypting messages with the first encryption key when decryption of the messages fails with the second key. Therefore, it would have been obvious to have incorporated Ja's decrypting of messages with the first encryption key when decryption of the messages fails with the second key into the teachings of Roth in view of Rubin, to continue encryption/decryption operations while rotating the keys. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 11, rejection of Claim 8 is included and Claim 11 is rejected with the same rationale as applied against Claim 4 above.

Regarding Claim 18, rejection of Claim 15 is included and Claim 18 is rejected with the same rationale as applied against Claim 4 above.

Claims 5-6, 12-13 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Roth et al. (US PGPUB. # US 2017/0134348, hereinafter “Roth”), and further in view of Rubin et al. (US PGPUB. # US 2020/0396070, hereinafter “Rubin”, priority based on continuation application filed on 12/3/2015), and further in view of Yan Fu (US PGPUB. # US 2011/0124319, hereinafter “Fu”).

Referring to Claims 5, 12 and 19:
Regarding Claim 5, rejection of Claim 1 is included and Roth teaches,
The system of claim 1, further comprising: 
[receive a new uniform resource identifier (URI) associated] with the received second working cryptogram; (¶59, “the data service frontend may receive the envelope key and the KeyID for the master key used to encrypt the envelope key from the cryptography service with any other relevant information, such as authentication proof”, i.e. data service front end (client device) receives an envelope key (second cryptogram)) and 
[modify an existing URI mapped to a first address and used for communicating] the encrypted messages of the first working cryptogram (Fig. 3, ¶41, “the cryptographic service can send a plaintext version of the envelope key as well as and the encrypted envelope key to the data service frontend. The data service can then use the plaintext version of the envelope key to encrypt the plaintext (i.e., the data associated with the encryption request) and cause the envelope key to be stored in persistent storage in association with an identifier for the master key used to encrypt the envelope key”, Fig. 4(412), ¶47, “the process 400 includes performing 412 one or more cryptographic operations that result in the plaintext being encrypted”, i.e. messages are encrypted with envelope key (first working cryptogram) that is generated with a master key) [to include the new URI, the new URI mapped to a second address] and used for communicating the subsequent encrypted messages of the second working cryptogram. (¶59, “the data service frontend may receive the envelope key and the KeyID for the master key used to encrypt the envelope key from the cryptography service with any other relevant information, such as authentication proof”, i.e. data service front end (client device) receives an envelope key (second cryptogram)).
Combination of Roth and Rubin does not teach explicitly
The system of claim 1, further comprising: 
receive a new uniform resource identifier (URI) associated with [the received second working cryptogram]; and 
modify an existing URI mapped to a first address and used for communicating [the encrypted messages of the first working cryptogram] to include the new URI, the new URI mapped to a second address [and used for communicating the subsequent encrypted messages of the second working cryptogram].
However, Fu teaches,
The system of claim 1, further comprising: 
receive a new uniform resource identifier (URI) associated with (Fig. 6B (664), ¶100, “the legacy HTTP client 608 sends a HTTP request message 664 directed to a type B URL with client platform information for whatever client provide the link”, i.e. type B URL is a new uniform resource identifier which is a second address of the server)  [the received second working cryptogram]; and 
modify an existing URI mapped to a first address and used for communicating [the encrypted messages of the first working cryptogram] to include the new URI, the new URI mapped to a second address (Fig. 6B (664), ¶100, “the legacy HTTP client 608 sends a HTTP request message 664 directed to a type B URL with client platform information for whatever client provide the link”, i.e. url is modified to type B URL which is a second address of the server)  [and used for communicating the subsequent encrypted messages of the second working cryptogram].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Fu with the invention of Roth in view of Rubin.
Roth in view of Rubin teaches that a subset of HSMs decrypts messages received with a second encryption key while the remaining subset of HSMs decrypts messages encrypted with a first encryption key, where the subset of HSMs has a first HSM and a second HSM different than the first HSM. Fu teaches communicating messages with a first URL address and modifying the URL address to point to a second address of the server. Therefore, it would have been obvious to have incorporated Fu's communicating of messages with a first URL address and modifying of the URL address to point to a second address of the server into the teachings of Roth in view of Rubin, to avoid attacks on cryptographic keys by changing the keys and pointing to a location to receive an appropriate key. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 12, rejection of Claim 8 is included and Claim 12 is rejected with the same rationale as applied against Claim 5 above.

Regarding Claim 19, rejection of Claim 15 is included and Claim 19 is rejected with the same rationale as applied against Claim 5 above.

Referring to Claims 6, 13 and 20:
Regarding Claim 6, rejection of Claim 5 is included and for the same motivation Roth teaches,
The system of claim 5, wherein the remaining subset of the HSMs is employed to decrypt the encrypted messages of the first working cryptogram based on the encrypted messages (¶50, “decrypt the ciphertext using an appropriate key (which may be identified to the cryptography service by the data service frontend), and provide the decrypted ciphertext (plaintext) to the data service frontend”, Fig. 6(614), ¶52, “decrypt the envelope key. The decrypted envelope key can be sent back to the data service, which can use the key to decrypt the encrypted plaintext”, i.e. messages are decrypted with first envelope key indicates that messages are encrypted with first envelope key (first cryptogram)) [being received via the first address], and the subset of the HSMs is employed to decrypt the subsequent encrypted messages based on the subsequent encrypted messages (Fig. 10(1018), ¶63, “The data object may then be decrypted 1018 using the decrypted envelope key. The decrypted data object may then be provided 1020 to the requestor”, i.e. messages are decrypted with second envelope key (cryptogram))  [being received via the second address].
Combination of Roth and Rubin does not teach explicitly
The system of claim 5, [wherein the remaining subset of the HSMs is employed to decrypt the encrypted messages of the first working cryptogram based on the encrypted messages] being received via the first address, [and the subset of the HSMs is employed to decrypt the subsequent encrypted messages based on the subsequent encrypted messages] being received via the second address.
However, Fu teaches,
The system of claim 5, [wherein the remaining subset of the HSMs is employed to decrypt the encrypted messages of the first working cryptogram based on the encrypted messages] being received via the first address, (Fig. 6B (644), ¶94, “the legacy HTTP client 608 sends a HTTP request message 644 directed to a plain URL with no client platform information for client 604”, i.e. message is sent to plain url is considered as first address) [and the subset of the HSMs is employed to decrypt the subsequent encrypted messages based on the subsequent encrypted messages] being received via the second address. (Fig. 6B (664), ¶100, “the legacy HTTP client 608 sends a HTTP request message 664 directed to a type B URL with client platform information for whatever client provide the link”, i.e. url is modified to type B URL which is a second address of the server).

Regarding Claim 13, rejection of Claim 12 is included and Claim 13 is rejected with the same rationale as applied against Claim 6 above.

Regarding Claim 20, rejection of Claim 19 is included and Claim 20 is rejected with the same rationale as applied against Claim 6 above.

Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Roth et al. (US PGPUB. # US 2017/0134348, hereinafter “Roth”), and further in view of Rubin et al. (US PGPUB. # US 2020/0396070, hereinafter “Rubin”, priority based on continuation application filed on 12/3/2015), and further in view of Kenneth Wade Stufflebeam (US PGPUB. # US 2017/0257214, hereinafter “Stufflebeam”).

Referring to Claims 7 and 14:
Regarding Claim 7, rejection of Claim 1 is included and combination of Roth and Rubin does not teach explicitly,
The system of claim 1, wherein inactivity associated with the first master key causes de-provisioning of the first working cryptogram.
However, Stufflebeam teaches,
The system of claim 1, wherein inactivity associated with the first master key causes de-provisioning of the first working cryptogram.  (Abstract, “transmitting a request to the key provider that the old encryption key be discarded”, Fig. 6 (606, 607), ¶87, “at block 606 method 600 archives the old key, which means that the old key is not knowingly being used and will not be used for new operations. Block 607 destroys or discards the old key upon the end of a security administrator's decision for the time of the archive period”, i.e. Examiner submits that a new key is issued indicates that HSMs with old key becomes inactive and the old key is discarded).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Fu with the invention of Roth in view of Rubin.
Roth in view of Rubin teaches that a subset of HSMs decrypts messages received with a second encryption key while the remaining subset of HSMs decrypts messages encrypted with a first encryption key, where the subset of HSMs has a first HSM and a second HSM different than the first HSM. Stufflebeam teaches discarding old keys when they are replaced with a new key and become inactive. Therefore, it would have been obvious to have incorporated Stufflebeam's discarding of old keys when they are replaced with a new key and become inactive into the teachings of Roth in view of Rubin, to avoid attacks on cryptographic keys by changing the keys and discarding the old inactive key. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007).

Regarding Claim 14, rejection of Claim 8 is included and Claim 14 is rejected with the same rationale as applied against Claim 7 above.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Jacob et al. (US PGPUB. # US 2019/0149527) discloses, a method for encrypting data when a device is offline is disclosed. In the method, a determination is made as to whether a successful connection with a remote server computer can or cannot be made. If a connection cannot be made, then data can be encrypted with an ephemeral public key. Later, when a connection is available, the encrypted data can be transmitted to the remote server computer for processing.
Pesonen et al. (US PGPUB. # US 2017/0324560) discloses, a method and a server for providing transaction keys for a transaction system includes transaction units which use pre-delivered transaction keys, and are provided by a key provisioning server and wherein the transaction key usage is checked by a transaction checking server. A transaction key is derived from a master key of a transaction unit, wherein a varying derivation parameter is used in the step of deriving. The step of deriving comprises a first sub step of deriving a key from the master key and a second sub step of deriving the transaction key from the derived key. The first sub step or the second sub step of deriving is performed dependent on a security level of the transaction unit.
Fuller et al. (US PAT. # US 9,722,974) discloses, a re-encryption service module in a multi-tiered encryption system that manages key rotation policies continuously or periodically re-encrypts data. Each encryption tier in the system can include a node programmed to service encryption, decryption, and/or re-encryption requests and a key store to store encryption keys. A computing node that interfaces with a requesting device may include the re-encryption service module. The re-encryption module may receive encrypted data and a key identifier identifying the key used to encrypt the data. The re-encryption module may decrypt the encrypted data using the identified key, retrieve a new key if the identified key is exhausted, and use the new key to encrypt the decrypted data. The key identifier may be updated to identify the new key and the re-encrypted data and the updated key identifier may be transmitted to the requesting device.
Phinney (US PGPUB. # US 2007/0140496) discloses, a method of managing encryption keys creates a new encryption key as a predictable and retrospectively repeatable function of a current encryption key. Information is then encrypted or authenticated using the new encryption key. In one embodiment, the generation of a new encryption key is triggered as a function of the amount of information encrypted or authenticated using the current encryption key. In a further embodiment, the new encryption key is created by using the current encryption key to encrypt a pre-agreed block of information, which may be an appropriate-length representation of the current encryption key. In a further embodiment, the current encryption key and a time-independent method of creating a new encryption key is escrowed. 
Sugaya (US PGPUB. # US 2016/0374127) discloses, a content based on location information is provided to a mobile terminal. The mobile terminal 10 is communicatively connected to an access point related content providing server that includes a storage unit having an access point related content database 250 in which IP addresses and URLs of contents are associated with each other and are stored. The mobile terminal 10 performs a communication with a wireless access point to access a public network, acquires an IP address of the wireless access point, and transmits the acquired IP address to the access point related content providing server. The mobile terminal 10 receives an URL of a content that is associated with the transmitted IP address or location information identified by the transmitted IP address, and acquires the content designated by the received URL.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/          Primary Examiner, Art Unit 2498