Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant’s claims filed on 26 September 2022. Claims 1, 7, and 15 have been amended. Claims 1-20 remain pending. 

Response to Arguments
4.	Applicant’s arguments, see pages 6-13, filed 26 September 2022, with respect to the rejection of claims 1-8, 10, 12, and 15-18 in view of Alwen and claims 9, 11, 13-14, and 19-20 in further view of Wasiq et al. have been fully considered, but they are not persuasive.
5.	In light of the previous 102 rejection, the Applicant contends that the cited prior art, Alwen, fails to disclose, suggest, or teach the newly amended claim language “wherein the first, second, third, and fourth cryptographic materials each comprise information usable by a key derivation function to derive one or more cryptographic keys”.
The Examiner respectfully disagrees and asserts that Alwen discloses in paragraphs 28-35 and 61, the first, second, third, and fourth cryptographic materials comprise information used to derive the first and second cryptographic keys using a key derivation function which includes numerical values or other types of information used for generation or derivation of cryptographic keys, such as pseudorandom numbers and hash values. Therefore, the derivation of a key based on cryptographic material has been disclosed and taught by Alwen as shown throughout the cited portions of the reference.
9. 	Therefore, the rejection of claims 1-20 will be maintained in view of the reasons above and below.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1-8, 10, 12, and 15-18 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Alwen (Pub No. 2019/0245681).
Referring to the rejection of claim 1, Alwen discloses a computer-implemented method, comprising:
 at a first system, performing a handshake with a second system to establish a cryptographically protected communications session, the handshake comprising: (See Alwen, Figure 1, para. 3, i.e. a first device, item 110, performs a handshake, item 100 with a second device, item 120 to establish a cryptographically protected secure communication session, Figure 2, para. 10-12)
obtaining, from the second system, a first cryptographic material and a second cryptographic material; (See Alwen, Figure 1, 2, para. 5-6, the first device receiving from the second device, a first and second cryptographic material that includes a first key exchange such as an RSA public or Diffie-Hellman public key, Figure 2, para. 10-12)
transmitting, to the second system, a third cryptographic material and a fourth cryptographic material to allow the second system to derive a first encryption key based on the first cryptographic material and the third cryptographic material and to derive a second encryption key based on the second cryptographic material and the fourth cryptographic material; (See Alwen, Figure 1, 2, para. 6-7, i.e. the first device transmits the encrypted shared secret or session key in third cryptographic material. When a key agreement scheme, like Diffie-Hellman, is used, the third communication includes a second key exchange component (i.e., a Diffie-Hellman public key) for second device 120 to derive the key-encrypting key to decrypt the shared secret or session key. In response to receiving third cryptographic material the second device 120 decrypts the shared secret or session key. The fourth cryptographic material includes an indication that decryption and/or authentication was successful. Once the key exchange and/or authentication are validated as being successful, the first device and the second device exchange data encrypted with a shared session key)
deriving the first encryption key based on the first cryptographic material and the third cryptographic material; (See Alwen, para. 29-30, i.e. the first device derives the first encryption key based on pseudorandom bytes and exchanged cryptographic algorithms such as Diffie-Hellman and Elliptic Curve key exchange (i.e. first and third cryptographic materials))
deriving the second encryption key based on the second cryptographic material and the fourth cryptographic material; (See Alwen, para. 31-32, i.e. the second device derives the second encryption key based on pseudorandom bytes and exchanged cryptographic algorithms such as Quantum Signature key exchange (i.e. second and fourth cryptographic materials))
using the first encryption key to encrypt data to obtain first encrypted data; (See Alwen, para. 30 and 33, i.e. the first encryption is used to encrypt data and obtain the encrypted data)
using the second encryption key to encrypt the first encrypted data to obtain second encrypted data; (See Alwen, para. 32 and 34, i.e. the second encryption key is used to encrypt the first encrypted data and obtain the second encrypted data)
and transmitting a message over the cryptographically protected communications session, the message being based on the second encrypted data. (See Alwen, para. 35-36, i.e. transmitting a message over an encrypted protected communication session based on the second encrypted data)
wherein the first, second, third, and fourth cryptographic materials each comprise information usable by a key derivation function to derive one or more cryptographic keys. (See Alwen, para. 28-35 and 61, the first, second, third, and fourth cryptographic materials comprise information used to derive the first and second cryptographic keys using a key derivation function which includes numerical values or other types of information used for generation or derivation of cryptographic keys, such as pseudorandom numbers and hash values)
Referring to the rejection of claim 2, Alwen discloses wherein the cryptographically protected communication session is a hybrid cryptographically protected communication session wherein the first encryption key corresponds to a first cryptographic algorithm and the second encryption key corresponds to a second cryptographic algorithm. (See Alwen, para. 45)
Referring to the rejection of claim 3, Alwen discloses wherein the first cryptographic material and the second cryptographic material is transmitted, by the second system, to the first system in response to a first message from the first system to the second system identifying a first cryptographic algorithm and a second cryptographic algorithm. (See Alwen, para. 6-7)
Referring to the rejection of claim 4, Alwen discloses wherein the first system transmits a first message identifying a first cryptographic algorithm to the second system and a second message identifying a second cryptographic algorithm to the second system, and the second system transmits the first cryptographic material to the first system in response to the first message and a second cryptographic material to the first system in response to the second message. (See Alwen, para. 28-30)

Referring to the rejection of claim 5, Alwen discloses wherein the first system transmits, to the second system, a first message comprising the third cryptographic material and the fourth cryptographic material, the first message identifying a first cryptographic algorithm and a second cryptographic algorithm, and receiving, in response to the first message, a second message from the second system comprising the first cryptographic material and the second cryptographic material. (See Alwen, para. 30-33)
Referring to the rejection of claim 6, Alwen discloses wherein: the first system transmits a first message comprising the third cryptographic material to the second system, the first message identifying a first cryptographic algorithm; (See Alwen, para. 32-33)
the first system transmits a second message comprising the fourth cryptographic material to the second system, the second message identifying a second cryptographic algorithm; (See Alwen, para. 33-34)
in response to the first message indicating the first cryptographic algorithm, the second system transmits the first cryptographic material to the first system; (See Alwen, para. 35)
and in response to the second message indicating the second cryptographic algorithm, the second system transmits the second cryptographic material to the first system. (See Alwen, para. 36)


Referring to the rejection of claim 7, Alwen discloses a system, comprising:
 one or more processors; (See Alwen, Figure 5 and para. 59, i.e. processor, item 502 includes a processor or multiprocessors)
memory that stores computer-executable instructions that are executable to cause the one or more processors to: (See Alwen, Figure 5 and para. 60, i.e. memory, item 504 stores instructions and data that may be executed by the processor, item 502)
establish a cryptographically protected communications session by at least: (See Alwen, Figure 1, 2 para. 3, i.e. a first device, item 110, performs a handshake, item 100 with a second device, item 120 to establish a cryptographically protected secure communication session)
obtaining, from another system, a first cryptographic material; (See Alwen, Figure 1, 2, para. 5-6, the first device receiving from the second device, a first and second cryptographic material that includes a first key exchange such as an RSA public or Diffie-Hellman public key)
transmitting, to the other system, a second cryptographic material to allow the other system to derive a first cryptographic key based on the first cryptographic material and the second cryptographic material and to derive a second cryptographic key based on the first cryptographic material and the second cryptographic material; (See Alwen, Figure 1, 2, para. 6-7, i.e. the first device transmits the encrypted shared secret or session key in third cryptographic material. When a key agreement scheme, like Diffie-Hellman, is used, the third communication includes a second key exchange component (i.e., a Diffie-Hellman public key) for second device 120 to derive the key-encrypting key to decrypt the shared secret or session key. In response to receiving third cryptographic material the second device 120 decrypts the shared secret or session key. The fourth cryptographic material includes an indication that decryption and/or authentication was successful. Once the key exchange and/or authentication are validated as being successful, the first device and the second device exchange data encrypted with a shared session key)
derive the first cryptographic key based on the first cryptographic material and the second cryptographic material and derive the second cryptographic key based on the first cryptographic material and the second cryptographic material; (See Alwen, para. 29-32, i.e. the first device derives the first encryption key based on pseudorandom bytes and exchanged cryptographic algorithms such as Diffie-Hellman and Elliptic Curve key exchange (i.e. first and third cryptographic materials), the second device derives the second encryption key based on pseudorandom bytes and exchanged cryptographic algorithms such as Quantum Signature key exchange (i.e. second and fourth cryptographic materials))
perform a cryptographic operation on a datum using the first cryptographic key to create a first cryptographically protected datum; (See Alwen, para. 30 and 33, i.e. the first encryption is used to encrypt data and obtain the encrypted data)
perform the cryptographic operation on the cryptographically protected datum using the second cryptographic key to create a second cryptographically protected datum; (See Alwen, para. 32 and 34, i.e. the second encryption key is used to encrypt the first encrypted data and obtain the second encrypted data)
and transmit the second cryptographically protected datum over the cryptographically protected communications session. (See Alwen, para. 35-36, i.e. transmitting a message over an encrypted protected communication session based on the second encrypted data)
wherein the first, second, third, and fourth cryptographic materials each comprise information usable by a key derivation function to derive one or more cryptographic keys. (See Alwen, para. 28-35 and 61, the first, second, third, and fourth cryptographic materials comprise information used to derive the first and second cryptographic keys using a key derivation function which includes numerical values or other types of information used for generation or derivation of cryptographic keys, such as pseudorandom numbers and hash values)

Referring to the rejection of claim 8, Alwen discloses wherein the cryptographic operation on the datum using the first cryptographic key is a first type of encryption operation and the encryption operation on the cryptographically protected datum using the second cryptographic key is a second type of encryption operation. (See Alwen, para. 45)

Referring to the rejection of claim 10, Alwen discloses wherein the instructions that cause the system to establish a cryptographically protected communications session are executable to cause the system to obtain, from the other system, a first portion of the first cryptographic material in response to a first message transmitted by the system to the other system, the first message comprising information about a first cryptographic algorithm, (See Alwen, para. 27-28 and 45) and a second portion of the first cryptographic material in response to a second message transmitted by the system to the other system, the second message comprising information about a second cryptographic algorithm. (See Alwen, para. 30-31 and 45)
Referring to the rejection of claim 12, Alwen discloses wherein the instructions that cause the system to establish a cryptographically protected communications session are executable to cause the system to: (See Alwen, para. 26)
obtain, from the other system, a first portion of the first cryptographic material in response to a first message transmitted by the system to the other system, the first message comprising a first portion of the second cryptographic material and information about a first cryptographic algorithm; (See Alwen, para. 27-28 and 45)
and obtain, from the other system, a second portion of the first cryptographic material in response to a second message transmitted by the system to the other system, the second message comprising a second portion of the second cryptographic material and information about a second cryptographic algorithm. (See Alwen, para. 30-31 and 45)
Referring to the rejection of claim 15, Alwen discloses a non-transitory computer-readable storage medium storing thereon executable instructions that, as a result of being executed by one or more processors of a system, cause the system to at least: (See Alwen, Figure 5 and para. 61, i.e. memory, item 504 may be any type of media capable of storing including a non-transitory computer-readable medium)
establish a cryptographically protected communications session by at least communicating with another system such that both the system and the other system are able to use a first cryptographic material and a second cryptographic material; (See Alwen, Figure 1, para. 3 and 5-6, i.e. a first device, item 110, performs a handshake, item 100 with a second device, item 120 to establish a cryptographically protected secure communication session, the first device receiving from the second device, a first and second cryptographic material that includes a first key exchange such as an RSA public or Diffie-Hellman public key)
derive a first cryptographic key based on the first cryptographic material and derive a second cryptographic key based on the second cryptographic material; (See Alwen, Figure 1, para. 6-7, i.e. the first device transmits the encrypted shared secret or session key in third cryptographic material. When a key agreement scheme, like Diffie-Hellman, is used, the third communication includes a second key exchange component (i.e., a Diffie-Hellman public key) for second device 120 to derive the key-encrypting key to decrypt the shared secret or session key. In response to receiving third cryptographic material the second device 120 decrypts the shared secret or session key. The fourth cryptographic material includes an indication that decryption and/or authentication was successful. Once the key exchange and/or authentication are validated as being successful, the first device and the second device exchange data encrypted with a shared session key)
perform a cryptographic operation on a datum using the first cryptographic key to create a first cryptographically protected datum; (See Alwen, para. 30 and 33, i.e. the first encryption is used to encrypt data and obtain the encrypted data)
perform the cryptographic operation on the first cryptographically protected datum using the second cryptographic key; (See Alwen, para. 32 and 34, i.e. the second encryption key is used to encrypt the first encrypted data and obtain the second encrypted data)
and transmit a result of the cryptographic operation on the first cryptographically protected datum over the cryptographically protected communications session. (See Alwen, para. 35-36, i.e. transmitting a message over an encrypted protected communication session based on the second encrypted data)
wherein the first, second, third, and fourth cryptographic materials each comprise information usable by a key derivation function to derive one or more cryptographic keys. (See Alwen, para. 28-35 and 61, the first, second, third, and fourth cryptographic materials comprise information used to derive the first and second cryptographic keys using a key derivation function which includes numerical values or other types of information used for generation or derivation of cryptographic keys, such as pseudorandom numbers and hash values)

Referring to the rejection of claim 16, Alwen discloses wherein the instructions that cause the system to perform the cryptographic operation on the datum to create the first cryptographically protected datum comprise instructions to cause the system to serialize a result of the cryptographic operations on the datum to obtain the first cryptographically protected datum. (See Alwen, para. 45)
Referring to the rejection of claim 17, Alwen discloses wherein the instructions that cause the system to perform the cryptographic operation on the datum to create the first cryptographically protected datum comprise instructions to cause the system to serialize the datum into a serialized datum and perform the cryptographic operation on the serialized datum to create the first cryptographically protected datum. (See Alwen, para. 35 and 38)
Referring to the rejection of claim 18, Alwen discloses wherein the instructions that cause the system to perform the cryptographic operation on the datum to create the first cryptographically protected datum comprise instructions to cause the system to serialize the datum into a serialized datum and perform the cryptographic operation on the serialized datum, and serialize a result of the cryptographic operations on the serialized datum to obtain the first cryptographically protected datum. (See Alwen, para. 35 and 38)
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 9, 11, 13-14, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Alwen (Pub No. 2019/0245681) in view of Wasiq et al. (US Patent No. 9,781,081).
Alwen discloses the invention as described above; however, Alwen fails to explicitly disclose segmenting the results of the cryptographic operation.
Wasiq et al. discloses a system and method that provide application-layer cryptographic services by leveraging cryptographic material. 
Referring to the rejection of claim 13, (Alwen modified by Wasiq et al.) discloses wherein the instructions that cause the system to perform the cryptographic operation on the datum using the first cryptographic key to create the first cryptographically protected datum and perform the cryptographic operation on the cryptographically protected datum using the second cryptographic key to create the second cryptographically protected datum are executable to cause the system to segment a result of the cryptographic operation on the datum to obtain the cryptographically protected datum. (See Wasiq et al., Figure 2 and Col.6, lines 59-67-Col. 7, lines 1-35)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date the claimed invention was made to combine Alwen’s method and system for exchanging encrypted communications using hybrid cryptography protocol modified with Wasiq et al.’s system and method that provide application-layer cryptographic services by leveraging cryptographic material. 
Motivation for such an implementation would enable exchanging cryptographically protected application data with a service application via a protected network connection without exchanging additional cryptographic credentials. (See Wasiq et al., Col. 2, lines 18-49)
Referring to the rejection of claim 14, (Alwen modified by Wasiq et al.) discloses wherein the instructions that cause the system to perform the cryptographic operation on the datum using the first cryptographic key to create the first cryptographically protected datum and perform the cryptographic operation on the cryptographically protected datum using the second cryptographic key to create the second cryptographically protected datum are executable to cause the system to segment the datum into individual blocks and perform the cryptographic operation on each block of the individual blocks to obtain the first cryptographically protected datum. (See Wasiq et al., Figure 2 and 3, Col.6, lines 59-67-Col. 7, lines 1-67)
The rationale for combining Alwen in view of Wasiq et al. is the same as claim 13.

Referring to the rejection of claims 9 and 19, (Alwen modified by Wasiq et al.) discloses wherein the instructions that cause the computer system to establish a cryptographically protected communications session with the other system further include instructions that cause the computer system to receive, from the other system, the first cryptographic material in response to a first message transmitted from the system to the other system, the first message comprising information about a first cryptographic algorithm and information about a second cryptographic algorithm. (See Wasiq et al., Figure 4, Col. 8, lines 42-61)
The rationale for combining Alwen in view of Wasiq et al. is the same as claim 13.

Referring to the rejection of claims 11 and 20, (Alwen modified by Wasiq et al.) discloses wherein the instructions that cause the computer system to establish a cryptographically protected communications session with the other system further include instructions that cause the computer system to transmit, to the other system, a first message comprising the second cryptographic material, the first message indicating a first cryptographic algorithm and a second cryptographic algorithm and, in response to the first message, receive from the other system a response comprising the first cryptographic material. (See Wasiq et al., Figure 4, Col. 8, lines 62-67-Col. 7, lines 1-20)
The rationale for combining Alwen in view of Wasiq et al. is the same as claim 13.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871. The examiner can normally be reached IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/COURTNEY D FIELDS/Examiner, Art Unit 2436
November 5, 2022

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436