Detailed Action
This is a Non-final Office action in response to communications received on 5/13/2021.  Claims 1-20 are pending and are examined.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Drawings
The drawings, filed 5/13/2021, are acknowledged.

Foreign Priority
The foreign priority date of 5/13/2020 is acknowledged.

Examiner Notes
The “computer-implemented apparatus” of claims 15 and 16 is interpreted as being hardware for 101 considerations.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 11 and 13-16 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Tola (US 2018/0343238 A1).
Regarding claim 1, Tola teaches the limitations of claim 1 substantially as follows:
A computer-implemented method for exchanging cryptographic key information between a device and a central point, wherein the method is executed by the device, the method comprising: (Tola; Figs. 20B, 21; Paras. [0165] & [0272]: Performing authentication (i.e. exchanging cryptographic key information) between a user device (i.e. device) and an authenticating peer (i.e. central point))
obtaining a cryptographic secret, wherein the cryptographic secret is known to the central point; (Tola; Para. [0175]: Device data which is signed and encrypted (i.e. cryptographic secret) and sent to the authenticating peer (i.e. known to the central point))
obtaining a public key of the central point; (Tola; Para. [0175]: The device encrypts using the authenticating peer’s public key (i.e. public key of the central point))
generating a cryptographic key pair for the device with a private key of the device and a public key of the device; (Tola; Para. [0171]: generate a private/public key pair for the device data (i.e. cryptographic key pair for the device))
signing the cryptographic secret with the private key of the device; (Tola; Para. [0175]: Device data which is signed by the private key of the device (i.e. signing the cryptographic secret with the private key of the device) and encrypted and sent to the authenticating peer)
encrypting the cryptographic secret signed with the private key of the device with the public key of the central point; (Tola; Para. [0175]: Device data which is signed by the private key of the device and encrypted with the public key of the authenticating peer (i.e. encrypting with the public key of the central point) and sent to the authenticating peer)
providing the encrypted and signed cryptographic secret, an address of an electronic mailbox of the device, and the public key of the device for the central point via an electronic mailbox of the central point.  (Tola; Paras. [0083], [0170] & [0175]: The authentication peer receives the signed and encrypted device data (i.e. encrypted and signed cryptographic secret) and the public key of the device (i.e. public key), data packet headers include source and destination IP addresses (i.e. address of an electronic mailbox of the device))

Regarding claim 11, Tola teaches the limitations of claim 11 substantially as follows:
A computer-implemented method for exchanging cryptographic key information between a device and a central point, wherein the method is executed by the central point, the method comprising: (Tola; Figs. 20B, 21; Paras. [0165] & [0272]: Performing authentication (i.e. exchanging cryptographic key information) between a user device (i.e. device) and an authenticating peer (i.e. central point))
providing a cryptographic secret for the device; (Tola; Para. [0175]: Device data which is signed and encrypted (i.e. cryptographic secret) and sent to the authenticating peer)
providing a public key of the central point for the device; (Tola; Para. [0175]: The device encrypts using the authenticating peer’s public key (i.e. public key of the central point))
obtaining a version of the cryptographic secret encrypted with the public key of the central point and signed with a private key of the device, an address of an electronic mailbox of the device, and a public key of the device from the device; (Tola; Paras. [0083], [0170] & [0175]: The authentication peer receives the signed and encrypted device data (i.e. encrypted and signed cryptographic secret) and the public key of the device (i.e. public key), data packet headers include source and destination IP addresses (i.e. address of an electronic mailbox of the device))
checking the obtained version of the cryptographic secret based on a private key of the central point and based on the cryptographic secret; (Tola; Para. [0171]: The authenticating client can decrypt the data encrypted using the authenticating client public key (i.e. checking the obtained version of the cryptographic secret based on a private key of the central point))
encrypted communicating with the device via the electronic mailbox of the device based on the public key of the device.  (Tola; Paras. [0083], [0170] & [0175]: The authentication peer receives the signed and encrypted device data and the public key of the device, data packet headers include source and destination IP addresses (i.e. address of an electronic mailbox of the device))
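
The device-side steps recited in claim 1 and the central-point check recited in claim 11, run end to end as an added example; it is not part of the Office action, the application, or Tola. The claims name no algorithms, so Ed25519 for the device signature, RSA-OAEP for encryption under the central point's public key, the OAEP label and the mailbox address string are all assumptions, and the mailbox is modeled as a plain struct.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

var label = []byte("enroll") // assumed OAEP label binding the ciphertext to this exchange

// Enrollment is what the device places in the central point's mailbox.
type Enrollment struct {
	Ciphertext    []byte            // Enc_centralPub(secret || Sig_devicePriv(secret))
	DeviceMailbox string            // address of the device's mailbox
	DevicePub     ed25519.PublicKey // public key of the device
}

// DeviceEnroll generates the device key pair, signs the secret, then encrypts secret+signature.
func DeviceEnroll(secret []byte, centralPub *rsa.PublicKey, mailbox string) (Enrollment, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Enrollment{}, nil, err
	}
	signed := append(append([]byte{}, secret...), ed25519.Sign(priv, secret)...)
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, centralPub, signed, label)
	if err != nil {
		return Enrollment{}, nil, err
	}
	return Enrollment{Ciphertext: ct, DeviceMailbox: mailbox, DevicePub: pub}, priv, nil
}

// CentralCheck decrypts with the central private key, compares the secret in
// constant time, and verifies the signature with the public key the device sent.
func CentralCheck(e Enrollment, centralPriv *rsa.PrivateKey, expected []byte) error {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, centralPriv, e.Ciphertext, label)
	if err != nil {
		return errors.New("decryption failed")
	}
	// Length checks first: ed25519.Verify panics on a wrong-sized public key.
	if len(pt) != len(expected)+ed25519.SignatureSize || len(e.DevicePub) != ed25519.PublicKeySize {
		return errors.New("malformed enrollment")
	}
	secret, sig := pt[:len(expected)], pt[len(expected):]
	if subtle.ConstantTimeCompare(secret, expected) != 1 {
		return errors.New("secret mismatch")
	}
	if !ed25519.Verify(e.DevicePub, secret, sig) {
		return errors.New("bad device signature")
	}
	return nil
}

// Demo runs one honest exchange and two rejected ones on constructed inputs.
func Demo() (honest, wrongSecret, swappedKey error) {
	centralPriv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err, err, err
	}
	secret := make([]byte, 32) // constructed sample secret shared with the central point
	if _, err := rand.Read(secret); err != nil {
		return err, err, err
	}
	e, _, err := DeviceEnroll(secret, &centralPriv.PublicKey, "mailbox-device-0001") // constructed address
	if err != nil {
		return err, err, err
	}
	honest = CentralCheck(e, centralPriv, secret)
	wrongSecret = CentralCheck(e, centralPriv, make([]byte, 32)) // central point expects a different secret
	e.DevicePub, _, _ = ed25519.GenerateKey(rand.Reader)         // public key replaced in transit
	swappedKey = CentralCheck(e, centralPriv, secret)
	return
}

func main() {
	h, w, s := Demo()
	fmt.Println("honest:", h, "| wrong secret:", w, "| swapped key:", s)
}
```

The signature is verified with a public key the device itself supplies, so it only shows possession of the matching private key; it is the pre-shared secret inside the ciphertext that ties the enrollment to a known device.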

Regarding claim 13, Tola teaches the limitations of claim 1.
Tola teaches the limitations of claim 13 as follows:
A non-transitory medium with a program code for performing the method of claim 1 when the program code is executed on a computer, a processor, a controller or a programmable hardware component.  (Tola; Para. [0087]: Device comprises a memory and an operating system to execute processes)

Regarding claim 14, Tola teaches the limitations of claim 11.
Tola teaches the limitations of claim 14 as follows:
A non-transitory medium with a program code for performing the method of claim 11 when the program code is executed on a computer, a processor, a controller or a programmable hardware component.  (Tola; Para. [0087]: Device comprises a memory and an operating system to execute processes)

Regarding claim 15, Tola teaches the limitations of claim 1.
Tola teaches the limitations of claim 15 as follows:
A computer-implemented apparatus for exchanging cryptographic key information between a device and a central point, wherein the apparatus is suitable for exchanging the cryptographic key information from the device side, the apparatus comprising: an interface for communicating with the central point; and one or more processors designed to execute the method according to claim 1.  (Tola; Para. [0087]: Device comprises a memory and an operating system to execute processes)

Regarding claim 16, Tola teaches the limitations of claim 11.
Tola teaches the limitations of claim 16 as follows:
A computer-implemented apparatus for exchanging cryptographic key information between a device and a central point, wherein the apparatus is suitable for exchanging the cryptographic key information from the central point side, the apparatus comprising: an interface for communicating with the device; and one or more processors designed to execute the method of claim 11.  (Tola; Para. [0087]: Device comprises a memory and an operating system to execute processes)

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-6, 8-10, 12 and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Tola (US 2018/0343238 A1), as applied to independent claims 1 and 11, further in view of Lu (US 2017/0180128 A1).
Regarding claim 2, Tola teaches the limitations of claim 1.
Tola does not teach the limitations of claim 2 as follows:
The method of claim 1, wherein obtaining the public key of the central point comprises obtaining an address of the electronic mailbox of the central point and calling up the public key of the central point from the electronic mailbox of the central point.  
However, in the same field of endeavor, Lu discloses the limitations of claim 2 as follows:
The method of claim 1, wherein obtaining the public key of the central point comprises obtaining an address of the electronic mailbox of the central point and calling up the public key of the central point from the electronic mailbox of the central point.  (Lu; Paras. [0009]-[0010] & [0017]-[0018]: receive a request for signature from a user device, said request comprising both a block chain address and a user public key allocated to the user of the user device (i.e. obtaining an address of the electronic mailbox of the central point and calling up the public key of the central point))
Lu is combinable with Tola because all are from the same field of endeavor of encrypted information exchange. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the system of Tola to incorporate a secure distributed ledger containing blockchain addresses as in Lu in order to improve the security of the system by assigning addresses in a secure blockchain system.

Regarding claim 3, Tola teaches the limitations of claim 1.
Tola does not teach the limitations of claim 3 as follows:
The method of claim 1, wherein the electronic mailbox of the central point and the electronic mailbox of the device are accessible via a distributed database.  
However, in the same field of endeavor, Lu discloses the limitations of claim 3 as follows:
The method of claim 1, wherein the electronic mailbox of the central point and the electronic mailbox of the device are accessible via a distributed database.  (Lu; Paras. [0009]-[0010] & [0017]-[0018]: requests may contain blockchain addresses (i.e. electronic mailbox of the central point and the electronic mailbox of the device are accessible via a distributed database))
Lu is combinable with Tola because all are from the same field of endeavor of encrypted information exchange. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the system of Tola to incorporate a secure distributed ledger containing blockchain addresses as in Lu in order to improve the security of the system by assigning addresses in a secure blockchain system.

Regarding claim 4, Tola and Lu teach the limitations of claim 3.
Tola and Lu teach the limitations of claim 4 as follows:
The method of claim 3, wherein the distributed database is based on a distributed ledger technology, wherein addresses of the electronic mailbox of the central point and the electronic mailbox of the device are addresses on the distributed ledger.  (Lu; Paras. [0009]-[0010] & [0017]-[0018]: requests may contain blockchain addresses (i.e. distributed ledger technologies) (i.e. addresses on the distributed ledger))
The same motivation to combine as in claim 3 is applicable to the instant claim.

Regarding claim 5, Tola and Lu teach the limitations of claim 3.
Tola and Lu teach the limitations of claim 5 as follows:
The method of claim 3, wherein the distributed database is based on a plurality of nodes, wherein providing and/or obtaining data via an electronic mailbox through the distributed database is based on a random selection of one or more nodes of the plurality of nodes for providing and/or obtaining the information.  (Lu; Paras. [0009]-[0010] & [0017]-[0018]: requests may contain blockchain addresses (i.e. distributed database is based on a plurality of nodes))
The same motivation to combine as in claim 3 is applicable to the instant claim.

Regarding claim 6, Tola teaches the limitations of claim 1.
Tola does not teach the limitations of claim 6 as follows:
The method of claim 1, wherein the cryptographic secret is signed by a private key of the central point, wherein the method furthermore comprises checking the signature of the cryptographic secret based on the public key of the central point.  
However, in the same field of endeavor, Lu discloses the limitations of claim 6 as follows:
The method of claim 1, wherein the cryptographic secret is signed by a private key of the central point, wherein the method furthermore comprises checking the signature of the cryptographic secret based on the public key of the central point.  (Lu; Para. [0162]: performing a public key exchange (PKI) between devices (i.e. cryptographic secret is signed by a private key of the central point, wherein the method furthermore comprises checking the signature of the cryptographic secret based on the public key of the central point))
Lu is combinable with Tola because all are from the same field of endeavor of encrypted information exchange. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the system of Tola to incorporate a secure distributed ledger containing blockchain addresses as in Lu in order to improve the security of the system by assigning addresses in a secure blockchain system.

Regarding claim 8, Tola teaches the limitations of claim 1.
Tola does not teach the limitations of claim 8 as follows:
The method of claim 1, comprising generating the address of the electronic mailbox of the device based on another cryptographic secret.  
However, in the same field of endeavor, Lu discloses the limitations of claim 8 as follows:
The method of claim 1, comprising generating the address of the electronic mailbox of the device based on another cryptographic secret.  (Lu; Paras. [0009]-[0010]: Addresses generated made from a data blob (i.e. based on another cryptographic secret))
Lu is combinable with Tola because all are from the same field of endeavor of encrypted information exchange. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the system of Tola to incorporate a secure distributed ledger containing blockchain addresses as in Lu in order to improve the security of the system by assigning addresses in a secure blockchain system.

Regarding claim 9, Tola teaches the limitations of claim 1.
Tola does not teach the limitations of claim 9 as follows:
The method of claim 1, comprising obtaining a version of the public key of the device signed by the central point from the central point.  
However, in the same field of endeavor, Lu discloses the limitations of claim 9 as follows:
The method of claim 1, comprising obtaining a version of the public key of the device signed by the central point from the central point.  (Lu; Para. [0162]: performing a public key exchange between devices (i.e. obtaining a version of the public key of the device signed by the central point from the central point))
Lu is combinable with Tola because all are from the same field of endeavor of encrypted information exchange. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the system of Tola to incorporate a secure distributed ledger containing blockchain addresses as in Lu in order to improve the security of the system by assigning addresses in a secure blockchain system.

Regarding claim 10, Tola and Lu teach the limitations of claim 9.
Tola and Lu teach the limitations of claim 10 as follows:
The method of claim 9, comprising providing the signed version of the public key of the device via the electronic mailbox of the device.  (Lu; Para. [0162]: performing a public key exchange (PKI) between devices (i.e. providing the signed version of the public key of the device via the electronic mailbox of the device))
The same motivation to combine as in claim 9 is applicable to the instant claim.

Regarding claim 12, Tola teaches the limitations of claim 11.
Tola does not teach the limitations of claim 12 as follows:
The method of claim 11, comprising signing the public key of the device with the private key of the central point, and providing the signed public key for the device.  
However, in the same field of endeavor, Lu discloses the limitations of claim 12 as follows:
The method of claim 11, comprising signing the public key of the device with the private key of the central point, and providing the signed public key for the device.  (Lu; Para. [0162]: performing a public key exchange between devices (i.e. signing the public key of the device with the private key of the central point, and providing the signed public key for the device))
Lu is combinable with Tola because all are from the same field of endeavor of encrypted information exchange. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the system of Tola to incorporate a secure distributed ledger containing blockchain addresses as in Lu in order to improve the security of the system by assigning addresses in a secure blockchain system.

Regarding claim 17, Tola and Lu teach the limitations of claim 2.
Tola and Lu teach the limitations of claim 17 as follows:
The method of claim 2, wherein the electronic mailbox of the central point and the electronic mailbox of the device are accessible via a distributed database.  (Lu; Paras. [0009]-[0010] & [0017]-[0018]: requests may contain blockchain addresses (i.e. electronic mailbox of the central point and the electronic mailbox of the device are accessible via a distributed database))
The same motivation to combine as in claim 2 is applicable to the instant claim.

Regarding claim 18, Tola and Lu teach the limitations of claim 4.
Tola and Lu teach the limitations of claim 18 as follows:
The method of claim 4, wherein the distributed database is based on a plurality of nodes, wherein providing and/or obtaining data via an electronic mailbox through the distributed database is based on a random selection of one or more nodes of the plurality of nodes for providing and/or obtaining the information.  (Lu; Paras. [0009]-[0010] & [0017]-[0018]: requests may contain blockchain addresses (i.e. distributed database is based on a plurality of nodes))
The same motivation to combine as in claim 3 is applicable to the instant claim.

Regarding claim 19, Tola and Lu teach the limitations of claim 2.
Tola and Lu teach the limitations of claim 19 as follows:
The method of claim 2, wherein the cryptographic secret is signed by a private key of the central point, wherein the method furthermore comprises checking the signature of the cryptographic secret based on the public key of the central point.  (Lu; Para. [0162]: performing a public key exchange (PKI) between devices (i.e. cryptographic secret is signed by a private key of the central point, wherein the method furthermore comprises checking the signature of the cryptographic secret based on the public key of the central point))
The same motivation to combine as in claim 2 is applicable to the instant claim.

Regarding claim 20, Tola and Lu teach the limitations of claim 3.
Tola and Lu teach the limitations of claim 20 as follows:
The method of claim 3, wherein the cryptographic secret is signed by a private key of the central point, wherein the method furthermore comprises checking the signature of the cryptographic secret based on the public key of the central point. (Lu; Para. [0162]: performing a public key exchange (PKI) between devices (i.e. cryptographic secret is signed by a private key of the central point, wherein the method furthermore comprises checking the signature of the cryptographic secret based on the public key of the central point))
The same motivation to combine as in claim 3 is applicable to the instant claim.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Tola (US 2018/0343238 A1), as applied to independent claim 1, further in view of Lu (US 2017/0180128 A1), further in view of Fallah (US 2019/0319808 A1).
Regarding claim 7, Tola and Lu teach the limitations of claim 6.
Tola and Lu do not teach the limitations of claim 7 as follows:
The method of claim 6, wherein checking the signature and/or generating the cryptographic key pair is performed at least partially in a trusted execution environment of the device.  
However, in the same field of endeavor, Fallah discloses the limitations of claim 7 as follows:
The method of claim 6, wherein checking the signature and/or generating the cryptographic key pair is performed at least partially in a trusted execution environment of the device.  (Fallah; Para. [0038]: A trusted zone providing a trusted execution environment for sensitive code, such as is used for key generation (i.e. generating the cryptographic key pair is performed at least partially in a trusted execution environment of the device))
Fallah is combinable with Tola and Lu because all are from the same field of endeavor of encrypted information exchange. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the system of Tola and Lu to incorporate a trusted execution environment for generation of encryption keys as in Fallah in order to improve the security of the system by providing a secure execution environment for generating key pairs.

Prior Art Considered But Not Relied Upon
Millar (US 2022/0138748 A1) teaches receiving a secret key, and in response generating a public cryptographic key based on the received secret key.
Rasovsky (US 2020/0160947 A1) teaches a method of utilizing a secret cryptographic key for encrypting multimedia content in a blockchain system.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BLAKE ISAAC NARRAMORE whose telephone number is (303)297-4357.  The examiner can normally be reached on Monday - Friday 0700-1700 MT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/B.I.N./Examiner, Art Unit 2438 

/TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438