DETAILED ACTION
This action is in response to the amendment filed on August 18, 2022. Claims 1-6, 9-23 are pending. Claims 1-5, 9-22 have been amended and claims 7-8 have been canceled. Of such, claims 1-6, 9-10 represent a device, claims 11-14 represents a method, claims 15-20 represent another device, and claims 21-23 represent another method directed to zero-knowledge authentication based on device information. 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments, see pages 14-18, filed on August 18, 2022, with respect to the rejection(s) of claim(s) 1-23 under Portnoi, Neumann, and Ceravolo have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Portnoi, Han, Neumann, and Ceravolo.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-11, 13-19, and 21-23 are rejected under 35 U.S.C. 103 as being anticipated over Portnoi et al. (NPL Location-Enhanced Authenticated Key Exchange), hereinafter referred to as Portnoi, in view of Han et al (CN 110991655), hereinafter referred to as Han.
	Regarding Claim 1, Portnoi discloses:
An electronic device, comprising: a processor configured to: generate a first key pair associated with the electronic device, wherein a secret key of the first key pair is generated based on at least one (In the Abstract, Portnoi discloses “LOCATHE (Location-Enhanced Authenticated Key Exchange), a generic protocol that pools location, user attributes, access policy and desired services into a multi-factor authentication, allowing two peers to establish a secure, encrypted session and perform mutual authentication with pre-shared keys, passwords and other authentication factors.”); transmit a communication request to a verifier device, wherein the communication request corresponds to a request for communication between the electronic device and the verifier device (On page 2, Portnoi discloses “The authentication protocol is divided into three stages (Broadcast, Privacy Authentication, and Exchange Authentication/Long Term Key Generation) and involves pairs of messages (a request and a response) plus one initial broadcast exchanged between two parties”); generate first zero-knowledge information, wherein the first zero-knowledge information is based on the generated secret key of the first key pair, the generated random message, and the first hash information (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r).”), and a first public key of the first key pair is stored in the verifier device (On page 1, Portnoi discloses “Secure Remote Password (SRP) [10], offers a verifier-based, perfect-forward-secrecy authentication in which a server stores an asymmetric form of a password (the verifier)”); transmit the first zero-knowledge information to the verifier device for a verification of the transmitted communication request, wherein the verification of the transmitted communication request is based on the first public key associated with the electronic device and stored in the verifier device (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r).”); receive verification information from the verifier device based on the transmitted first zero-knowledge information and a successful verification of the verification of the transmitted communication request (On page 4 and Figure 1, Portnoi discloses “If this final authentication is valid, the Service proceeds to send its AUTHr to the user agent and compute the long-term secret key LongTermSecret, which may be stored and substitute UserKey in further Tier 2 authentications.”); and communicate with the verifier device based on the received verification information (On Figure 1, Portnoi discloses “Exchange authenticated, continue with communication”).

However, Portnoi does not explicitly disclose the use of a random message generated from parameters. 
Han discloses: 
determine at least one random number (Han discloses in the summary of invention “randomly selecting a first message and the first random number”); generate a first parameter of a set of randomized parameters based on the determined at least one random number (Han discloses in the summary of invention “using homomorphic encryption algorithm, k-th random number based on a public key and generated in advance, respectively encrypting the model parameter k owned by the first model to obtain the k-th parameter ciphertext;”) generate a random message of the set of randomized parameters associated with the electronic device ; concatenate the generated first parameter and the generated random message (Han discloses in the summary of invention “the k-th challenge number and the k-th model parameter linear combination, and to overlay with the first message to obtain a verification message based on the superposition result of the k-th challenge number k with the random number and the first random number to be combined to obtain verification random number”); determine first hash information based on application of a first hash function on the concatenated first parameter and the generated random message (Han discloses in the summary of invention “respectively applying a predetermined hash function to the k-th second sequence to obtain the k-th challenge number.”)
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Portnoi’s approach by utilizing Han’s approach of sending a random message with the zero knowledge proof based on the parameters as the motivation would be to improve and protect the safety of each users privacy data (see Han Background).
 Regarding Claim 2, The combination of Portnoi and Han disclose: 
The electronic device according to claim 1, wherein the  (On page 1, Portnoi discloses “LOCATHE (pronounced “locate”), a Location-Enhanced Authenticated Key Exchange, a generic protocol that combines location, user attributes, access policy and desired services as multi-factor authentication (MFA) factors to allow two parties to establish an encrypted, secure session and further perform mutual authentication with preshared keys, passwords and other authentication factors.”).
Regarding Claim 4, The combination of Portnoi and Han disclose: 
The electronic device according to claim 1, wherein the  processor is further configured to: determine the first hash information based on an application of the first hash function on the set of randomized parameters; and transmit the determined first hash information with the generated first zero- knowledge information to the verifier device. (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r). This AUTH_TIER1_i payload is produced from a combination of hashes of Nb, the nonces exchanged during Broadcast/ECDHE, <SignedOctets> (which includes SK_p and Nr) and the public ECDHE key KEr.”).
Regarding Claim 5, The combination of Portnoi and Han disclose:
The electronic device according to claim 4, wherein the verifier device: generates second hash information based on an application of a second hash function on the first public key stored in the verifier device and on the set of randomized parameters included in the transmitted zero-knowledge information; compares the received first hash information with the generated second hash information (On page 3, Portnoi discloses “Upon receiving the message, the Service computes the expected AUTH_TIER1_i and compares it with the user’s.”); and generates the verification information based on the comparison (On Figure 1, Portnoi discloses “Exchange authenticated, continue with communication”).
Regarding Claim 6, The combination of Portnoi and Han disclose: 
The electronic device according to claim 5, wherein the generation of the verification information indicates that the received first hash information and the generated second hash information are same (On page 3, Portnoi discloses “If matched, the user is authenticated in the Tier 1 privacy mode”).
Regarding Claim 9, The combination of Portnoi and Han disclose: 
The electronic device according to claim 1, wherein the processor is further configured to: 48Docket No. SYP336092US01 generate a second parameter of the set of randomized parameters based on the determined first hash information, the secret key and the determined at least one random number; generate the second zero-knowledge information based on the determined first hash information, the generated first random message, and the generated second parameter that is based on the first secret key associated with the electronic device; and transmit the second generated zero-knowledge information to the verifier device (On page 3, Portnoi discloses “in Tier 2 Privacy authentication, a shared secret key and a second-factor token authenticator validate the user agent in a ZKPP exchange with the Service”).
Regarding Claim 10, The combination of Portnoi and Han disclose: 
The electronic device according to claim 1, wherein the first processor is further configured to: transmit the first public key of the first key pair to the verifier device for a setup of the communication between the electronic device and the verifier device; and receive a second public key of a second key pair associated with the verifier device for completion of the setup of the communication between the electronic device and the verifier device (On page 2, Portnoi discloses “In the registration phase, a user registers with the Service running LOCATHE and exchanges security parameters such as the Service’s public key, the user’s ABE secret key and attributes, the seed and clock for the token authenticator algorithm, base point G for ECDHE, key-derivation function (KDF) salts, and a secret shared user key (UserKey).”).
	Regarding Claim 11, Portnoi discloses:
A method, comprising: in an electronic device: generating a first key pair associated with the electronic device, wherein a secret key of the first key pair is generated based on at least one device property  including identification information of the electronic device (In the Abstract, Portnoi discloses “LOCATHE (Location-Enhanced Authenticated Key Exchange), a generic protocol that pools location, user attributes, access policy and desired services into a multi-factor authentication, allowing two peers to establish a secure, encrypted session and perform mutual authentication with pre-shared keys, passwords and other authentication factors.”); transmitting a communication request to a verifier device, wherein the communication request corresponds to a request for communication between the electronic device and the verifier device (On page 2, Portnoi discloses “The authentication protocol is divided into three stages (Broadcast, Privacy Authentication, and Exchange Authentication/Long Term Key Generation) and involves pairs of messages (a request and a response) plus one initial broadcast exchanged between two parties”); generating first zero-knowledge information , wherein the first zero-knowledge information is based on the generated secret key of the first key pair associated with the electronic device, the generated random message, and the first hash information (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r).”), and a first public key of the first key pair is stored in the verifier device (On page 1, Portnoi discloses “Secure Remote Password (SRP) [10], offers a verifier-based, perfect-forward-secrecy authentication in which a server stores an asymmetric form of a password (the verifier)”); transmitting the first zero-knowledge information to the verifier device for a verification of the transmitted communication request, wherein the verification of the transmitted communication request is based on the first public key of the first key pair associated with the electronic device and stored in the verifier device  (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r).”);; receiving verification information from the verifier device based on the transmitted first zero-knowledge information and a successful verification of the verification of the transmitted communication request (On page 4 and Figure 1, Portnoi discloses “If this final authentication is valid, the Service proceeds to send its AUTHr to the user agent and compute the long-term secret key LongTermSecret, which may be stored and substitute UserKey in further Tier 2 authentications.”);  and communicating with the verifier device based on the received verification information (On Figure 1, Portnoi discloses “Exchange authenticated, continue with communication”).
However, Portnoi does not explicitly disclose the use of a random message generated from parameters. 
Han discloses: 
determining at least one random number (Han discloses in the summary of invention “randomly selecting a first message and the first random number”); generating a first parameter of a set of randomized parameters based on the determined at least one random number (Han discloses in the summary of invention “using homomorphic encryption algorithm, k-th random number based on a public key and generated in advance, respectively encrypting the model parameter k owned by the first model to obtain the k-th parameter ciphertext;”) ; generating a random message of the set of randomized parameters associated with the electronic device; concatenating the generated first parameter and the generated random message (Han discloses in the summary of invention “the k-th challenge number and the k-th model parameter linear combination, and to overlay with the first message to obtain a verification message based on the superposition result of the k-th challenge number k with the random number and the first random number to be combined to obtain verification random number”); determining first hash information based on application of a first hash function on the concatenated first parameter and the generated random message (Han discloses in the summary of invention “respectively applying a predetermined hash function to the k-th second sequence to obtain the k-th challenge number.”) 
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Portnoi’s approach by utilizing Han’s approach of sending a random message with the zero knowledge proof based on the parameters as the motivation would be to improve and protect the safety of each users privacy data (see Han Background).
Regarding Claim 13, The combination of Portnoi and Han disclose: 
The method according to claim 11, further comprising: determining the first hash information based on an application of the first hash function on the set of randomized parameters; and 50Docket No. SYP336092US01 transmitting the determined first hash information with the first generated zero-knowledge information to the verifier device. (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r). This AUTH_TIER1_i payload is produced from a combination of hashes of Nb, the nonces exchanged during Broadcast/ECDHE, <SignedOctets> (which includes SK_p and Nr) and the public ECDHE key KEr.”).
Regarding Claim 14, The combination of Portnoi and Han disclose: 
The method according to claim 13, further comprising: determining the first hash information based on the application of the first hash function on the generated first parameter of the first set of randomized parameters (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r). This AUTH_TIER1_i payload is produced from a combination of hashes of Nb, the nonces exchanged during Broadcast/ECDHE, <SignedOctets> (which includes SK_p and Nr) and the public ECDHE key KEr.”).
Regarding Claim 15, Portnoi discloses:
A verifier device, comprising: a processor; and a memory configured to store a first public key associated with a first electronic device (On page 1, Portnoi discloses “Secure Remote Password (SRP) [10], offers a verifier-based, perfect-forward-secrecy authentication in which a server stores an asymmetric form of a password (the verifier)”), wherein the processor is configured to: receive a communication request from the first electronic device, wherein the communication request corresponds to a request for communication between the verifier device and the first electronic device (On page 2, Portnoi discloses “The authentication protocol is divided into three stages (Broadcast, Privacy Authentication, and Exchange Authentication/Long Term Key Generation) and involves pairs of messages (a request and a response) plus one initial broadcast exchanged between two parties”); receive zero-knowledge information from the first electronic device (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r).”), the first secret key of the first key pair is generated based on at least one (In the Abstract, Portnoi discloses “LOCATHE (Location-Enhanced Authenticated Key Exchange), a generic protocol that pools location, user attributes, access policy and desired services into a multi-factor authentication, allowing two peers to establish a secure, encrypted session and perform mutual authentication with pre-shared keys, passwords and other authentication factors.”), generate verification information based on the received zero-knowledge information and the stored first public key associated with the first electronic device (On page 4 and Figure 1, Portnoi discloses “If this final authentication is valid, the Service proceeds to send its AUTHr to the user agent and compute the long-term secret key LongTermSecret, which may be stored and substitute UserKey in further Tier 2 authentications.”); and transmit the generated verification information to the first electronic device for the communication between the verifier device and the first electronic device (On Figure 1, Portnoi discloses “Exchange authenticated, continue with communication”).
However, Portnoi does not explicitly disclose the use of a random message generated from parameters. 
Han discloses: 
wherein the first electronic device generates the zero-knowledge information based on a first secret key of a first key pair associated with the first electronic device, a random message, and a first hash information (Han discloses in the summary of invention “sending a zero-knowledge proof to the data owning side, wherein it comprises said verification information and verifying the random number, so that the data owning party verification, using the k-th challenge number k parameter of the said ciphertext and said auxiliary ciphertext”) , the random message is generated from a set of randomized parameters associated with the first electronic device (Han discloses in the summary of invention “using homomorphic encryption algorithm, k-th random number based on a public key and generated in advance, respectively encrypting the model parameter k owned by the first model to obtain the k-th parameter ciphertext;”) ,  and the first hash information is determined based on concatenation of a first parameter and the random message (Han discloses in the summary of invention “respectively applying a predetermined hash function to the k-th second sequence to obtain the k-th challenge number.”) 
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Portnoi’s approach by utilizing Han’s approach of sending a random message with the zero knowledge proof based on the parameters as the motivation would be to improve and protect the safety of each users privacy data (see Han Background).
Regarding Claim 16, The combination of Portnoi and Han disclose: 
The verifier device according to claim 15, wherein the electronic device generates the first secret key of the first key pair based on time information and location information related to the first electronic device. (On page 1, Portnoi discloses “LOCATHE (pronounced “locate”), a Location-Enhanced Authenticated Key Exchange, a generic protocol that combines location, user attributes, access policy and desired services as multi-factor authentication (MFA) factors to allow two parties to establish an encrypted, secure session and further perform mutual authentication with preshared keys, passwords and other authentication factors.”).
Regarding Claim 17, The combination of Portnoi and Han disclose: 
The verifier device according to claim 15, wherein the second processor is further configured to: receive first hash information from the first electronic device with the zero- knowledge information (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r). This AUTH_TIER1_i payload is produced from a combination of hashes of Nb, the nonces exchanged during Broadcast/ECDHE, <SignedOctets> (which includes SK_p and Nr) and the public ECDHE key KEr.”); generate second hash information based on an application of a second hash function on the first public key stored in the verifier device and on the set of randomized parameters included in the received zero-knowledge information; compare the received first hash information with the generated second hash information (On page 3, Portnoi discloses “Upon receiving the message, the Service computes the expected AUTH_TIER1_i and compares it with the user’s.”); and generate the verification information based on the comparison, wherein the generation of the verification information indicates that the received first hash information and the generated second hash information are same  (On Figure 1, Portnoi discloses “Exchange authenticated, continue with communication”).
Regarding Claim 18, The combination of Portnoi and Han disclose: 
The verifier device according to claim 17, wherein the second processor is further configured to: generate a third parameter of the set of randomized parameters based on a second parameter received from the first electronic device, the first 52Docket No. SYP336092US01 public key associated with the first electronic device, and the received first hash information; and generate the second hash information based on the application of the second hash function on the generated third parameter of the set of randomized parameters and the random message included in the received zero-knowledge information (On page 3, Portnoi discloses “in Tier 2 Privacy authentication, a shared secret key and a second-factor token authenticator validate the user agent in a ZKPP exchange with the Service”).
Regarding Claim 19, The combination of Portnoi and Han disclose: 
The verifier device according to claim 15, wherein the processor is further configured to: generate a second key pair that includes a second secret key and a second public key based on at least one device property of the verifier device, wherein the at least one device property of the verifier device includes identification information of the verifier device; transmit the second public key of the second key pair to the first electronic device for a setup of the communication between the verifier device with the first electronic device; and receive the first public key of the first key pair associated with the first electronic device for completion of the setup of the communication between the verifier device with the electronic device (In the Abstract, Portnoi discloses “LOCATHE (Location-Enhanced Authenticated Key Exchange), a generic protocol that pools location, user attributes, access policy and desired services into a multi-factor authentication, allowing two peers to establish a secure, encrypted session and perform mutual authentication with pre-shared keys, passwords and other authentication factors”).
Regarding Claim 21, Portnoi discloses:
A method, comprising: in a verifier device: receiving a communication request from an electronic device, wherein the communication request corresponds to a request for communication between the verifier device and the electronic device (On page 2, Portnoi discloses “The authentication protocol is divided into three stages (Broadcast, Privacy Authentication, and Exchange Authentication/Long Term Key Generation) and involves pairs of messages (a request and a response) plus one initial broadcast exchanged between two parties”); receiving zero-knowledge information from the electronic device (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r).”), the first secret key of the first key pair is generated based on at least one device property  including identification information of the electronic device (In the Abstract, Portnoi discloses “LOCATHE (Location-Enhanced Authenticated Key Exchange), a generic protocol that pools location, user attributes, access policy and desired services into a multi-factor authentication, allowing two peers to establish a secure, encrypted session and perform mutual authentication with pre-shared keys, passwords and other authentication factors.”), generating verification information based on the received zero-knowledge information and a first public key associated with the electronic device and stored in the verifier device (On page 4 and Figure 1, Portnoi discloses “If this final authentication is valid, the Service proceeds to send its AUTHr to the user agent and compute the long-term secret key LongTermSecret, which may be stored and substitute UserKey in further Tier 2 authentications.”); and transmitting the generated verification information to the electronic device for the communication between the verifier device and the electronic device (On Figure 1, Portnoi discloses “Exchange authenticated, continue with communication”).
However, Portnoi does not explicitly disclose the use of a random message generated from parameters. 
Han discloses: 
wherein the electronic device generates the zero-knowledge information based on a first secret key of a first key pair associated with the electronic device, a random message, and a first hash information (Han discloses in the summary of invention “sending a zero-knowledge proof to the data owning side, wherein it comprises said verification information and verifying the random number, so that the data owning party verification, using the k-th challenge number k parameter of the said ciphertext and said auxiliary ciphertext”), the random message is generated from a set of randomized parameters associated with the electronic device (Han discloses in the summary of invention “using homomorphic encryption algorithm, k-th random number based on a public key and generated in advance, respectively encrypting the model parameter k owned by the first model to obtain the k-th parameter ciphertext;”)  and the first hash information is determined based on concatenation of a first parameter and the random message (Han discloses in the summary of invention “respectively applying a predetermined hash function to the k-th second sequence to obtain the k-th challenge number.”) 
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Portnoi’s approach by utilizing Han’s approach of sending a random message with the zero knowledge proof based on the parameters as the motivation would be to improve and protect the safety of each users privacy data (see Han Background).
Regarding Claim 22, The combination of Portnoi and Han disclose: 
The method according to claim 21, further comprising: receiving the first hash information from the electronic device with the zero- knowledge information (On page 3, Portnoi discloses “The user agent utilizes its session keys to encrypt and send its AUTH_TIER1_i to the Service (r). This AUTH_TIER1_i payload is produced from a combination of hashes of Nb, the nonces exchanged during Broadcast/ECDHE, <SignedOctets> (which includes SK_p and Nr) and the public ECDHE key KEr.”); generating second hash information based on an application of a second hash function on the first public key stored in the verifier device and on the set of randomized parameters included in the received zero-knowledge information(On page 3, Portnoi discloses “Upon receiving the message, the Service computes the expected AUTH_TIER1_i and compares it with the user’s.”);; comparing the received first hash information with the generated second hash information; and generating the verification information based on the comparison  (On Figure 1, Portnoi discloses “Exchange authenticated, continue with communication”).
Regarding Claim 23, The combination of Portnoi and Han disclose: 
The method according to claim 22, wherein the verification information indicates that the received first hash information and the generated second hash information are same (On page 3, Portnoi discloses “If matched, the user is authenticated in the Tier 1 privacy mode”).
Claim 3 and 12 are rejected under 35 U.S.C. 103 as being anticipated over Portnoi et al. (NPL Location-Enhanced Authenticated Key Exchange), hereinafter referred to as Portnoi, in view of Han et al (CN 110991655), hereinafter referred to as Han, and in further view of Neumann et al (US Publication Number 20100172503), hereinafter referred to as Neumann.
Regarding Claim 3, the combination of Portnoi and Han discloses the limitations according to claim 1. 
Portnoi does not explicitly teach the limitation of generating the public key based on the secret key. 
However, Neumann discloses the following limitation: 
The electronic device according to claim 1, wherein the processor is further configured to generate the first public key of the first key pair based on the generated secret key (In ¶ 11, Neumann discloses “wherein the method comprises generating a public key based on a private key and a unique identifier associated with the electronic device”).
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Portnoi and Han’s approach by utilizing Neumann’s approach of generating the public key based on the secret key as the motivation would be generating a public key based on a private key and a unique identifier it may be possible to use a significantly shorter key, e.g. fewer bits, than known in common asymmetric proof protocols, like Zero Knowledge Proofs of Knowledge, while almost keeping the security level compared to standard use of Zero Knowledge Proofs of Knowledge protocols (see Neumann ¶ 19).
Regarding Claim 12, the combination of Portnoi and Han disclose:
The method according to claim 11, wherein the secret key of the first key pair is generated based on time information and location information related to the electronic device (On page 1, Portnoi discloses “LOCATHE (pronounced “locate”), a Location-Enhanced Authenticated Key Exchange, a generic protocol that combines location, user attributes, access policy and desired services as multi-factor authentication (MFA) factors to allow two parties to establish an encrypted, secure session and further perform mutual authentication with preshared keys, passwords and other authentication factors.”).
Portnoi does not explicitly teach the limitation of generating the public key based on the secret key. 
However, Neumann discloses the following limitation: 
 the first public key of the first key pair is generated based on the generated secret key (In ¶ 11, Neumann discloses “wherein the method comprises generating a public key based on a private key and a unique identifier associated with the electronic device”).
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Portnoi and Han’s approach by utilizing Neumann’s approach of generating the public key based on the secret key as the motivation would be generating a public key based on a private key and a unique identifier it may be possible to use a significantly shorter key, e.g. fewer bits, than known in common asymmetric proof protocols, like Zero Knowledge Proofs of Knowledge, while almost keeping the security level compared to standard use of Zero Knowledge Proofs of Knowledge protocols (see Neumann ¶ 19).
Claim 20 is rejected under 35 U.S.C. 103 as being anticipated over Portnoi et al. (NPL Location-Enhanced Authenticated Key Exchange), hereinafter referred to as Portnoi, in view of Han et al (CN 110991655), hereinafter referred to as Han, and in further view of Ceravolo et al (US Publication Number 20220109573), hereinafter referred to as Ceravolo.
Regarding Claim 3, the combination of Portnoi and Han disclose:
The verifier device according to claim 15, wherein the processor is further configured to: receive a third public key of a third key pair associated with the second electronic device for a setup of the communication between the verifier device and the second electronic device; and transmit a second public key associated with the verifier device to the second electronic device for completion of the setup of the communication between the verifier device and the second electronic device (On page 2, Portnoi discloses “a user’s set of secret and shared keys are valid through a time period, after which the Service may expire them in its database, requiring the user to update them with re-registration.”)
Portnoi does not explicitly teach the limitation of disabling the public key.
 However, Neumann discloses the following limitation: 
Receive a disable command from a second electronic device communicatively coupled to the verifier device, wherein the disable command relates to disablement of the first public key stored in the verifier device; 53Docket No. SYP336092US01 remove the stored first public key associated with the first electronic device from the second memory based on the received disable command from the second electronic device (In ¶ 174, Ceravolo discloses “As a last resort, the administrator can delete the user's public key and revoke access altogether. Revoking access altogether requires the user to re-enroll by returning to a secure location and re-entering their information in the enrollment terminal”).
One in ordinary skill in the art of cryptography would have been motivated, before the effective filing date of the claimed invention to modify Portnoi and Han’s approach by utilizing Ceravolo’s approach of sending a disable command to revoke the public key as the motivation would be to keep the connected devices under the administrators control to keep the devices secure (see Ceravolo ¶ 4).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Kevin et al. (US 10685350) discloses a method for zero knowledge authentication of contactless cards. 
Nyang et al. (US 20030115464) discloses a password-based authentication and key exchange protocol using zero knowledge proofs. 
Goranov, Boris (US 20180123794) discloses a method for establishing a secure session between to entities using zero knowledge authentication. 
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHADI H KOBROSLI whose telephone number is (571)272-1952. The examiner can normally be reached M-F 9am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHADI H KOBROSLI/Examiner, Art Unit 2492                                                                                                                                                                                         
/OLEG KORSAK/Primary Examiner, Art Unit 2492