DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is responding to the amendment dated on 11/08/2022.
Claims 1-2, 4-6, 9-15 and  22-25 have been amended. All other claims are previously presented.
Claims 1-25 are submitted for examination.
Claims 1-25 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Priority
This application filed on December 30, 2020 does not claim any priority.

Examiner’s Note
Claim 24 and Claim 25 are computer program product claims.  The paragraphs 125-126 describes the computer program product as “not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire”. Thus Claims 24 and 25 are compliant with 35 U.S.C. 101.

Response to Arguments
Applicant’s amendment filed on November 08, 2022, has claims 1-2, 4-6, 9-15 and  22-25 amended and all other claims are previously presented.
The prior rejection of 35 U.S.C. 101 of Claims 14-23 has been withdrawn in view of the amendment received on November 08, 2022.
The prior rejection of 35 U.S.C. 112(b) of Claim 11 and Claim 25 has been withdrawn based on applicant’s explanation during the interview and as specified in the remark filed on November 08, 2022 that "second encrypted key" and the "second key" refer to different keys.
Applicant’s remark, filed on November 08, 2022 on the middle of page 9 regarding, “claim 11 has been amended to require "independently generating, by the transcoder, a third key." Support for this amendment is found, inter alia, in paragraph(s) 0062-0063, 0073, 0082 of the present application. See also keygen 326 and k3 328 of Figs. 3 and 4. In sharp contrast, none of the art of record in any combination discloses the unique combination of features claimed. Accordingly, the art of record does not anticipate claim 11” has been considered and found persuasive, however cited art by Rameez (US # 2021/0167955) discloses, “at step 233, the authorization system generates a complementary third key pair, comprising a third encryption key and a third decryption key. The purpose of the key pair is for the third encryption key to encrypt the dual-encrypted data such that the third decryption key can be used to remove the second encryption layer”. (Fig. 2A(233), ¶73). “The third key pair may be user-specific and/or request-specific. That is, the third key pair may be generated based on the user who sent the download request at step 223. Thus, if the same user sends multiple download requests for the same data, this will result in the same third key pair. Alternatively, the third key pair may be generated based on the download request. Thus, if the same user sends multiple download requests for the same data, each request will be result in a new third key pair. In general, the same third key pair may not be used for different users. (¶75). Thus Rameez clearly teaches the limitation, “independently generating, by the transcoder, a third key”.
Applicant’s remark, filed on November 08, 2022 on the middle of page 10 regarding, “claim 25 has been amended to require "program instructions to send, by the transcoder, the third key to the destination node." Support for this amendment is found, inter alia, in paragraph(s) 0070 of the present application. See also, operation 356 of Figs. 3 and 4. In sharp contrast, none of the art of record in any combination discloses the unique combination of features claimed. Accordingly, the art of record does not anticipate claim 25 and the rejection thereof must be withdrawn”, has been considered and found persuasive, however cited art by Rameez (US # 2021/0167955) discloses, “At step 243, the encryption system sends the download link to the authorization system. At step 251, the authorization system receives the download link, and sends the download link and the third decryption key to the user. This may occur in an acknowledgement of or response to the download request sent at step 223. Alternatively, this may be sent separately”. (Fig. 2A(243, 251, ¶79-¶80).
Applicant’s remark, filed on November 08, 2022 on the bottom of page 11 and top of page 12  regarding, “claim 1 has been amended to require "encrypting, by the transcoder, the first encrypted data using a third key to create third encrypted data; sending, by the transcoder, the third encrypted data to a destination node; and sending, by the transcoder, the third key to the destination node." Support for this limitation is found, inter alia, in paragraph(s) 0070 of the present application. See also, operation 356 of Figs. 3 and 4. In sharp contrast, none of the art of record in any combination teaches or suggests the unique combination of features claimed”, has been considered and found persuasive, however cited prior art by Sprunk et al. (US # 2008/0049942) discloses, “the PKI server 16 then encrypts the end-to-end-encrypted private key with a PKIS session key, resulting in a PKIS session key-encrypted private key. Such encryption is shown generally as PKIS session key encryption 82. After the end-to-end-encrypted private key is also PKIS session key encrypted, the PKI server 16 transfers the double-encrypted private key to the PKI station 18, e.g., over a secure tunnel therebetween. The transfer of the session key-encrypted private key over the PKIS secure tunnel is shown generally as PKIS secure tunnel-based transfer 84”. (Fig. 3, ¶45). “The method 120 also includes a step 128 of transferring the PKIS session key-encrypted PKI data to the PKI station 18. After the end-to-end-encrypted private key is PKIS session key encrypted (step 136), the PKI server 16 transfers the PKIS session key-encrypted private key to the PKI station 18, e.g., using an SSL-authenticated and encrypted secure tunnel coupled therebetween”. (Fig. 5(128), ¶80). The cited art by Rameez (US # 2021/0167955) discloses, “At step 243, the encryption system sends the download link to the authorization system. At step 251, the authorization system receives the download link, and sends the download link and the third decryption key to the user. This may occur in an acknowledgement of or response to the download request sent at step 223. Alternatively, this may be sent separately”. (Fig. 2A(243, 251, ¶79-¶80).Thus combination of Sprunk and Rameez teaches the limitation, “encrypting, by the transcoder, the first encrypted data using a third key to create third encrypted data; sending, by the transcoder, the third encrypted data to a destination node; and sending, by the transcoder, the third key to the destination node". The motivation/suggestion for doing so would be that the third decryption key can be used to remove the second encryption layer. The third key pair may be selected for proxy re-encryption..
 Applicant’s remark, filed on November 08, 2022 on bottom of page 13 regarding,  “claim 14 has been amended to require "encrypt, by the transcoder, the first encrypted data using a third key to create third encrypted data; send, by the transcoder, the third encrypted data to a destination node; and send, by the transcoder, the third key to the destination node." Support for this limitation is found, inter alia, in paragraph(s) 0070 of the present application. See also, operation 356 of Figs. 3 and 4. In sharp contrast, none of the art of record in any combination teaches or suggests the unique combination of features claimed”, has been considered and found persuasive, however please see above paragraph 14 for the response where combination of Sprunk and Rameez clearly teaches the limitation. 
Applicant’s remark, filed on November 08, 2022 on middle of page 14 regarding,  “claim 24 has been amended to require "program instructions to encrypt, by the transcoder, the first encrypted data using a third key to create third encrypted data; program instructions to send, by the transcoder, the third encrypted data to a destination node; and program instructions to send, by the transcoder, the third key to the destination node." Support for this limitation is found, inter alia, in paragraph(s) 0070 of the present application. See also, operation 356 of Figs. 3 and 4. In sharp contrast, none of the art of record in any combination teaches or suggests the unique combination of features claimed”, has been considered and found persuasive, however please see above paragraph 14 for the response where combination of Sprunk and Rameez clearly teaches the limitation. 
Applicant further recites similar remarks as listed above for dependent claim, 2. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk and Rameez clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 15. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk and Rameez clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 3-5 and 8. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk and Rameez clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 16-18 and 21. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk and Rameez clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 6. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk, Rameez and Sherkin clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 19. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk, Rameez and Sherkin clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 7. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk, Rameez and Kapp clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 20. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk, Rameez and Kapp clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 9. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk, Rameez, Kapp and Ellison clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 22 and 8. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk and Rameez clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 10. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk, Rameez, and Ellison clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 23. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, Sprunk, Rameez, and Ellison clearly teaches the claimed limitations.
Applicant further recites similar remarks as listed above for dependent claim, 12-13. Please see response for remarks in above paragraph 14 that clearly shows how the cited prior arts Yuting, and Sprunk clearly teaches the claimed limitations.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 5, 12, 18-19 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 5, recites a limitation, “…sending, by the transcoder, the third key to the destination node”. Claim 12 recites a limitation ,”… sending, by the transcoder, the third key to the destination node”. It is not clear why the third key is being sent to the destination node again as independent claim 1 recites a similar limitation, “..sending, by the transcoder, the third key to the destination node”. 
Claim 18, recites a limitation, “…logic configured to send, by the transcoder, the third key to the destination node”.  Claim 19 recites a limitation, “…send, by the transcoder, the third key to the destination node”. It is not clear why the third key is being sent to the destination node again as independent Claim 14 recites a limitation, “..send, by the transcoder, the third key to the destination node”.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1-5, 8, 14-18, 21-22 and 24 are rejected under 35 U.S.C. 103 as being unpatentable over Yuting et al. (US PGPUB. # US 2021/0067495, hereinafter “Yuting”), and further in view of Sprunk et al. (US PGPUB. # US 2008/0049942, hereinafter “Sprunk”), and further in view of Rameez et al. (US PGPUB. # US 2021/0167955, hereinafter “Rameez”).

Referring to Claims 1, 14 and 24:
Regarding Claim 1, Yuting teaches,
A computer-implemented method, comprising: 
receiving, by a transcoder, second encrypted data, (Fig. 10(136), ¶78, “The double-encrypted data (second encrypted) is then transmitted to UE B at a step 136”, i.e. double encrypted data is received. Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the UE device and/or its component, software etc. as transcoder)
wherein the second encrypted data is data that has been encrypted in a first key to create first encrypted data that is then encrypted in a second key to create the second encrypted data; (Fig. 10(132, 134), ¶78,” At first step 132, UE A can encrypt the data to UE D by UE D's public key”, “the single-encrypted data can next be encrypted again at a step 134 using the public key of the relay UE B”, i.e. double encrypted data is first encrypted with UE D’s public key (first key) and then encrypted with UE E’s public key (second key))
encrypting, by the transcoder, the first encrypted data using a third key to create third encrypted data; (Fig. 10(140), “UE B then encrypts the data (which is now again only encrypted by the public key of UE D) using the public key of UE C at a step 140”, i.e. UE C’s public key is considered as third key and first encrypted data is encrypted with UE C’s public key, Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the UE device and/or its component, software etc. as transcoder); 
Yuting does not teach explicitly,
receiving, by the transcoder, the second key; 
decrypting, by the transcoder, the second encrypted data using the second key to obtain the first encrypted data; 
sending, by the transcoder, the third encrypted data to a destination node; and 
sending, by the transcoder, the third key to the destination node.
However, Sprunk teaches,
receiving, by the transcoder, the second key; (¶19, “the term "PKI data" refers to… symmetric cryptographic keys, private keys”, ¶25, “PKI server (PKIS)-specific encryption can be used in addition to the end-to-end encryption, e.g., for PKI data being delivered from the PKI data generator 12 to the PKI loader 14. Such encryption is referred to herein as PKIS-specific encryption”, ¶34, “The database 36 is replenished periodically with newly-created PKI data from the PKI data generator 12, ¶28, “The PKI server 16 typically removes the PKIS-specific encryption layer (i.e., decrypts the PKIS-specific encryption layer with a PKIS-specific database key) from a set of PKI data retrieved from its database”, i.e. Examiner submits that a second key is received from the PKI data generator and stored in the database. The key is used to decrypt outer layer of the double encrypted private key. As per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder).
decrypting, by the transcoder, the second encrypted data using the second key to obtain the first encrypted data; (Fig. 3(78), ¶44, “the PKI server 16 performs PKIS decryption of the PKIS-encrypted private key stored therein, resulting in an end-to-end-encrypted private key”, Fig. 5(132), ¶78, “a step 134 of the PKI server 16 decrypting the outer encryption layer of the encrypted PKI data”, i.e. second encrypted data is decrypted with the second key, Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder),  
sending, by the transcoder, the third encrypted data to a destination node. (Fig. 3, “PKI server 16 transfers the double-encrypted private key to the PKI station 18”, ¶45, “Fig. 5(128), ¶80, “The method 120 also includes a step 128 of transferring the PKIS session key-encrypted PKI data to the PKI station 18”, i.e. the double-encrypted private key (third encrypted data) is transmitted to the PKI station (destination node), Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Sprunk with the invention of Yuting.
Yuting teaches, receiving a double layer encrypted data encrypted with a first key and a second key. Sprunk teaches, receiving a second key and decrypting the second layer of double encrypted data. Therefore, it would have been obvious to have receiving a second key and decrypting the second layer of double encrypted data of Sprunk with  receiving a double layer encrypted data encrypted with a first key and a second key of Yuting to encrypt the decrypted first layer encrypted data with a different encryption key to provide secure device to device communication and avoid any intermediary device accessing confidential data. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Yuting and Sprunk does not teach explicitly,
sending, by the transcoder, the third key to the destination node.
However, Rameez teaches,
sending, by the transcoder, the third key to the destination node. (Fig. 2A (243, 251), ¶79, “the encryption system sends the download link to the authorization system”, ¶80, “the authorization system receives the download link, and sends the download link and the third decryption key to the user”, i.e. third key is sent to the destination node).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Rameez with the invention of Yuting in view of Sprunk.
Yuting in view of Sprunk teaches, receiving a double layer encrypted data encrypted with a first key and a second key and receiving a second key and decrypting the second layer of double encrypted data. Rameez teaches, generating a third encryption key to encrypt double encrypted data and sending the third key to a node. Therefore, it would have been obvious to have generating a third encryption key to encrypt double encrypted data and sending the third key to a node of Rameez into the teachings of Yuting in view of Sprunk such that the third decryption key can be used to remove the second encryption layer. The third key pair may be selected for proxy re-encryption. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 14, it is a system Claim of above method Claim 1 and therefore Claim 14 is rejected with the same rationale as applied against Claim 1 above.
Yuting discloses a processor in Fig. 11 (202), ¶85.
 
Regarding Claim 24, it is a computer program product Claim of above method Claim 1 and therefore Claim 24 is rejected with the same rationale as applied against Claim 1 above.
Yuting discloses a program product in para. 20.

Referring to Claims 2 and 15:
Regarding Claim 2, rejection of Claim 1 is included and for the same motivation combination of Yuting and Sprunk does not teach explicitly,
The computer-implemented method of claim 1, wherein the second key is received from a source node, that sent the second encrypted data to the transcoder.
However, Rameez teaches,
The computer-implemented method of claim 1, wherein the second key is received from a source node, that sent the second encrypted data to the transcoder. (¶37, Fig. 2A, ¶72 “At step 232, the authorization system obtains the second key corresponding to the data identified by the download request”).

Regarding Claim 15, rejection of Claim 14 is included and Claim 15 is rejected with the same rationale as applied against Claim 2 above.

Referring to Claims 3 and 16:
Regarding Claim 3 rejection of Claim 1 is included and for the same motivation combination of Yuting and Sprunk does not teach explicitly.
The computer-implemented method of claim 1, wherein the second encrypted data is received based at least in part on data requests from the transcoder to storage.
However, Rameez teaches,
The computer-implemented method of claim 1, wherein the second encrypted data is received based at least in part on data requests from the transcoder to storage. (Fig. 1B (154), ¶43, “At step 154, the encryption system uploads the dual-encrypted data to a storage system. This may include sending the data over a network.”, i.e. second encrypted data is received based on request from the transcoder to storage).

Regarding Claim 16, rejection of Claim 14 is included and Claim 16 is rejected with the same rationale as applied against Claim 3 above.

Regarding Claim 4 rejection of Claim 2 is included and for the same motivation combination of Yuting and Sprunk does not teach explicitly.
The computer-implemented method of claim 1, wherein the third key is independently generated by the transcoder.
However, Rameez teaches,
The computer-implemented method of claim 1, wherein the third key is independently generated by the transcoder. (Fig. 2A(233), ¶73, “At step 233, the authorization system generates a complementary third key pair, comprising a third encryption key and a third decryption key”, ¶75, i.e. a third key is independently generated).

Regarding Claim 17, rejection of Claim 15 is included and for the same motivation combination of Yuting and Sprunk does not teach explicitly.
The system of claim 15, wherein the second encrypted data is received based at least in part on data requests from the transcoder to the source node.
However, Rameez teaches,
The system of claim 15, wherein the second encrypted data is received based at least in part on data requests from the transcoder to the source node. (¶38, “the upload link corresponds to a website. Using a form on that website, the owner may upload the encrypted data”, Fig. 1B(151), , At step 151, the encryption system receives the encrypted data uploaded at step 142. “, i.e. second encrypted data is received based on a request from transcoder to the source node).

Referring to Claims 5 and 18:
Regarding Claim 5 rejection of Claim 1 is included and for the same motivation combination of Yuting and Sprunk does not teach explicitly.
The computer-implemented method of claim 1, comprising sending, by the transcoder, the third key to the destination node, wherein the destination node is configured to decrypt the third encrypted data using the third key to obtain the first encrypted data, wherein the destination node is configured to decrypt the first encrypted data using the first key to obtain the data.
However, Rameez teaches,
The computer-implemented method of claim 1, comprising sending, by the transcoder, the third key to the destination node, (Fig. 2A (243, 251), ¶79, “the encryption system sends the download link to the authorization system”, ¶80, “the authorization system receives the download link, and sends the download link and the third decryption key to the user”, i.e. third key is sent to the destination node)  wherein the destination node is configured to decrypt the third encrypted data using the third key to obtain the first encrypted data, wherein the destination node is configured to decrypt the first encrypted data using the first key to obtain the data. (Fig. 2B (302, 303), ¶99, “At step 302 the user decrypts the dual-re-encrypted data using the third decryption key received at step 261”, ¶100, “At step 303, the user decrypts the encrypted data using the first key”). 

Regarding Claim 18, rejection of Claim 14 is included and Claim 18 is rejected with the same rationale as applied against Claim 5 above.

Referring to Claims 8 and 21:

Regarding Claim 8 rejection of Claim 3 is included and for the same motivation combination of Yuting and Sprunk does not teach explicitly,
The computer-implemented method of claim 3, wherein the transcoder is located on the storage.
However, Rameez teaches,
. The computer-implemented method of claim 3, wherein the transcoder is located on the storage. (Fig. 3, ¶112, “the encryption system 30 provides an interface for storage and access, the storage system 40 need not be in communication with any other components”, i.e. Examiner submits that encryption system is located on the storage system).

Regarding Claim 21, rejection of Claim 16 is included and Claim 21 is rejected with the same rationale as applied against Claim 8 above.

Regarding Claim 22, rejection of Claim 16 is included and for the same motivation combination of Yuting and Sprunk does not teach explicitly
The system of claim 16, wherein the third key is independently generated by the transcoder.
However, Rameez teaches,
The system of claim 16, wherein the third key is independently generated by the transcoder. (Fig. 2A(233), ¶73, “At step 233, the authorization system generates a complementary third key pair, comprising a third encryption key and a third decryption key”, ¶75, i.e. a third key is independently generated).

Claims 6 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Yuting et al. (US PGPUB. # US 2021/0067495, hereinafter “Yuting”), and further in view of Sprunk et al. (US PGPUB. # US 2008/0049942, hereinafter “Sprunk”), and further in view of Rameez et al. (US PGPUB. # US 2021/0167955, hereinafter “Rameez”), and further in view of Sherkin et al. (US PGPUB. # US 2019/0014126, hereinafter “Sherkin”).

Referring to Claims 6 and 19:
Regarding Claim 6, rejection of Claim 1 is included and Yuting does not teach explicitly,
The computer-implemented method of claim 1, wherein the data includes a plurality of data chunks, wherein each data chunk is encrypted in a fourth key, wherein the fourth key is encrypted in the first key to create a first encrypted fourth key which is then encrypted in the second key to create a second encrypted fourth key; 
receiving, by the transcoder, the second encrypted fourth key; 
decrypting, by the transcoder, the second encrypted fourth key using the second key to obtain the first encrypted fourth key; 
encrypting, by the transcoder, the first encrypted fourth key using the third key to create a third encrypted fourth key; and 
sending, by the transcoder, the third encrypted fourth key to the destination node.
However, Sprunk teaches,
The computer-implemented method of claim 1, [wherein the data includes a plurality of data chunks, wherein each data chunk is encrypted in a fourth key], wherein the fourth key is encrypted in the first key to create a first encrypted fourth key which is then encrypted in the second key to create a second encrypted fourth key; (Fig. 2, ¶40, “The inner vault 42 then encrypts the private key using an end-to-end encryption key, e.g., using HSM-based RSA encryption of a random advanced encryption standard (AES) key generated only for one set of PKI data and then subsequent AES encryption of the private key”, Fig. 2, ¶41, “the outer vault 44 encrypts the end-to-end-encrypted private key with PKIS-specific encryption, resulting in two layers of encryption for the private key”, i.e. second encrypted fourth key is encrypted with a first key and the encrypted key is encrypted again with a second key to form a double encrypted private key)
receiving, by the transcoder, the second encrypted fourth key; (¶19, “the term "PKI data" refers to… symmetric cryptographic keys, private keys”, Fig. 5(132), Fig. 2, ¶40, “The inner vault 42 then encrypts the private key using an end-to-end encryption key, e.g., using HSM-based RSA encryption of a random advanced encryption standard (AES) key generated only for one set of PKI data and then subsequent AES encryption of the private key”, Fig. 2, ¶41, “the outer vault 44 encrypts the end-to-end-encrypted private key with PKIS-specific encryption, resulting in two layers of encryption for the private key”, Fig. 2, ¶42, “The PKIS-encrypted private key then is transferred from the PKI loader 14 to the PKI server 16”, ¶78, “a step 132 of transferring the PKI data from the PKI loader 14 to the PKI server 16”, i.e. double encrypted private key is received)
decrypting, by the transcoder, the second encrypted fourth key using the second key to obtain the first encrypted fourth key; (Fig. 3(78), ¶44, “the PKI server 16 performs PKIS decryption of the PKIS-encrypted private key stored therein, resulting in an end-to-end-encrypted private key”, Fig. 5(132), ¶78, “a step 134 of the PKI server 16 decrypting the outer encryption layer of the encrypted PKI data”, i.e. second encrypted data is decrypted with the second key)
encrypting, by the transcoder, the first encrypted fourth key using the third key to create a third encrypted fourth key; (Fig. 3, ¶45, “The PKI server 16 then encrypts the end-to-end-encrypted private key with a PKIS session key, resulting in a PKIS session key-encrypted private key. Such encryption is shown generally as PKIS session key encryption 82”, Fig. 5(136), ¶78, “a step 136 of the PKI server 16 encrypting a different outer layer on the encrypted PKI data are performed”, i.e. first encrypted key is encrypted by a session (third) key)  
and 
sending, by the transcoder, the third encrypted fourth key to the destination node. (Fig. 3, “PKI server 16 transfers the double-encrypted private key to the PKI station 18”, ¶45, “Fig. 5(128), ¶80, “The method 120 also includes a step 128 of transferring the PKIS session key-encrypted PKI data to the PKI station 18”, i.e. the double-encrypted private key (third encrypted fourth key) is transmitted to the PKI station (destination node)).
Combination of Yuting, Sprunk and Rameez does not teach explicitly,
The computer-implemented method of claim 1, wherein the data includes a plurality of data chunks, wherein each data chunk is encrypted in a fourth key, [wherein the fourth key is encrypted in the first key to create a first encrypted fourth key which is then encrypted in the second key to create a second encrypted fourth key];
However, Sherkin teaches,
The computer-implemented method of claim 1, wherein the data includes a plurality of data chunks, wherein each data chunk is encrypted in a fourth key, (Fig. 2 (204, 206), ¶30-¶31, i.e. each header is considered as plurality of data chunks, which are encrypted twice) [wherein the fourth key is encrypted in the first key to create a first encrypted fourth key which is then encrypted in the second key to create a second encrypted fourth key];
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Sherkin with the invention of Yuting in view of Sprunk and Rameez.
Yuting in view of Sprunk and Rameez teaches, receiving a double layer encrypted data encrypted with a first key and a second key and receiving a second key and decrypting the second layer of double encrypted data and generating a third encryption key to encrypt double encrypted data and sending the third key to a node. Sherkin teaches, double encrypting multiple data chunk. Therefore, it would have been obvious to have double encrypting multiple data chunk of Sherkin with  invention of Yuting in view of Sprunk and Rameez to double encrypt data chunk to communicate data confidentially with multiple users. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 19, rejection of Claim 14 is included and Claim 19 is rejected with the same rationale as applied against Claim 6 above.


Claims 7 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Yuting et al. (US PGPUB. # US 2021/0067495, hereinafter “Yuting”), and further in view of Sprunk et al. (US PGPUB. # US 2008/0049942, hereinafter “Sprunk”), and further in view of Rameez et al. (US PGPUB. # US 2021/0167955, hereinafter “Rameez”), and further in view of Kapp et al. (US PAT. # US 11,005,828, hereinafter “Kapp”).

Referring to Claims 7 and 20:
Regarding Claim 7 rejection of Claim 2 is included and combination of Yuting, Sprunk and Rameez does not teach explicitly.
The computer-implemented method of claim 2, wherein the transcoder is located on the source node.
However, Kapp teaches,
The computer-implemented method of claim 2, wherein the transcoder is located on the source node. (Fig. 1, CL(5), LN(1-5), “the location of the security server 108 can vary from that as shown in the example network 100. For example, the security server 108 can be located within the same secure network as the sending computer 102”, i.e. transcoder is located on the source node).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Knapp with the invention of Yuting in view of Sprunk.
Yuting in view of Sprunk and Rameez teaches, receiving a double layer encrypted data encrypted with a first key and a second key and receiving a second key and decrypting the second layer of double encrypted data and generating a third encryption key to encrypt double encrypted data and sending the third key to a node.  Knapp teaches, locating security server on a source node. Therefore, it would have been obvious to have locating security server on a source node of Kapp into the teachings of Yuting in view of Sprunk and Rameez to provide flexibility on the location of security server. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 20, rejection of Claim 15 is included and Claim 20 is rejected with the same rationale as applied against Claim 7 above.

Claim 9  is rejected under 35 U.S.C. 103 as being unpatentable over Yuting et al. (US PGPUB. # US 2021/0067495, hereinafter “Yuting”), and further in view of Sprunk et al. (US PGPUB. # US 2008/0049942, hereinafter “Sprunk”), and further in view of Rameez et al. (US PGPUB. # US 2021/0167955, hereinafter “Rameez”), and further in view of Kapp et al. (US PAT. # US 11,005,828, hereinafter “Kapp”), and further in view of Ellison et al. (US PGPUB. # US 2004/0109569, hereinafter “Ellison”).

Regarding Claim 9 rejection of Claim 3 is included and combination of Yuting, Sprunk and Rameez does not teach explicitly
The computer-implemented method of claim 3, wherein the transcoder is located on a storage network coupled to the source node and the storage; and comprising replacing, by the transcoder, the third key with a dummy key for ending data sharing between the source node and the destination node.
However, Kapp teaches,
The computer-implemented method of claim 3, wherein the transcoder is located on a storage network coupled to the source node and the storage. (Fig. 1, CL(5), LN(6-8),  “the security server 108 can be located within the same secure network as the third-party data store 104”, i.e. security server is located on a storage network). [the third key with a dummy key for ending data sharing between the source node and the destination node].
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Kapp with the invention of Yuting in view of Sprunk and Rameez.
Yuting in view of Sprunk and Rameez teaches, receiving a double layer encrypted data encrypted with a first key and a second key and receiving a second key and decrypting the second layer of double encrypted data and sending double encrypted data to a storage device. Kapp teaches, locating security server on a storage device network. Therefore, it would have been obvious to have locating security server on a storage device network of Kapp into the teachings of Yuting in view of Sprunk and Rameez to provide flexibility on the location of security server. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Combination of Yuting, Sprunk, Rameez and Knapp does not teach explicitly,
The computer-implemented method of claim 3, [wherein the transcoder is located on a storage network coupled to the source node and the storage]; and comprising replacing, by the transcoder, the third key with a dummy key for ending data sharing between the source node and the destination node.
However, Elison teaches,
The computer-implemented method of claim 3, [wherein the transcoder is located on a storage network coupled to the source node and the storage]; and comprising replacing, by the transcoder, the third key with a dummy key for ending data sharing between the source node and the destination node. (Fig. 3, ¶23, “the content producer may, at his or her option, check for revoked symmetric content keys and substitute a dummy key (e.g., zero) for revoked entries in the public key media key block”, i.e. key is replaced with a dummy key).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Ellison with the invention of Yuting in view of Sprunk, Rameez and Knapp.
Yuting in view of Sprunk, Rameez and Knapp teaches, receiving a double layer encrypted data encrypted with a first key and a second key and receiving a second key and decrypting the second layer of double encrypted data and sending double encrypted data to a storage device and locating security server on a storage device network. Ellison teaches, replacing a key with a dummy key. Therefore, it would have been obvious to have replacing a key with a dummy key of Ellison into the teachings of Yuting in view of Sprunk, Rameez and Knapp to stop encryption/decryption of a compromised key. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 


Claims 10 and 23  are rejected under 35 U.S.C. 103 as being unpatentable over Yuting et al. (US PGPUB. # US 2021/0067495, hereinafter “Yuting”), and further in view of Sprunk et al. (US PGPUB. # US 2008/0049942, hereinafter “Sprunk”), and further in view of Rameez et al. (US PGPUB. # US 2021/0167955, hereinafter “Rameez”), and further in view of Ellison et al. (US PGPUB. # US 2004/0109569, hereinafter “Ellison”).

Referring to Claims 10 and 23:
Regarding Claim 10 rejection of Claim 1 is included and combination of Yuting,, Sprunk and Rameez does not teach explicitly
The computer-implemented method of claim 1, comprising: replacing, by the transcoder, the third key with a dummy key for ending data sharing between a source node and the destination node.
However, Ellison teaches,
The computer-implemented method of claim 1, comprising: replacing, by the transcoder, the third key with a dummy key for ending data sharing between a source node and the destination node. (Fig. 3, ¶23, “the content producer may, at his or her option, check for revoked symmetric content keys and substitute a dummy key (e.g., zero) for revoked entries in the public key media key block”, i.e. key is replaced with a dummy key).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Ellison with the invention of Yuting in view of Sprunk and Rameez.
Yuting in view of Sprunk and Rameez teaches, receiving a double layer encrypted data encrypted with a first key and a second key and receiving a second key and decrypting the second layer of double encrypted data and sending double encrypted data to a storage device. Ellison teaches, replacing a key with a dummy key. Therefore, it would have been obvious to have replacing a key with a dummy key of Ellson into the teachings of Yuting in view of Sprunk to stop encryption/decryption of a compromised key. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 

Regarding Claim 23, rejection of Claim 14 is included and Claim 23 is rejected with the same rationale as applied against Claim 10 above.

Claims 11-13 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over Sprunk et al. (US PGPUB. # US 2008/0049942, hereinafter “Sprunk”), and further in view of Rameez et al. (US PGPUB. # US 2021/0167955, hereinafter “Rameez”).

Referring to Claims 11 and 25:
Regarding Claim 11, Sprunk teaches,
A computer-implemented method, comprising: 
receiving, by a transcoder, a second encrypted key, (¶19, “the term "PKI data" refers to… symmetric cryptographic keys, private keys”, Fig. 5(132), Fig. 2, ¶40, “The inner vault 42 then encrypts the private key using an end-to-end encryption key, e.g., using HSM-based RSA encryption of a random advanced encryption standard (AES) key generated only for one set of PKI data and then subsequent AES encryption of the private key”, Fig. 2, ¶41, “the outer vault 44 encrypts the end-to-end-encrypted private key with PKIS-specific encryption, resulting in two layers of encryption for the private key”, Fig. 2, ¶42, “The PKIS-encrypted private key then is transferred from the PKI loader 14 to the PKI server 16”, ¶78, “a step 132 of transferring the PKI data from the PKI loader 14 to the PKI server 16”, i.e. double encrypted private key is received. Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder)
wherein the second encrypted key is a key that has been encrypted in a first key to create a first encrypted key that is then encrypted in a second key to create the second encrypted key, (Fig. 2, ¶40, “The inner vault 42 then encrypts the private key using an end-to-end encryption key, e.g., using HSM-based RSA encryption of a random advanced encryption standard (AES) key generated only for one set of PKI data and then subsequent AES encryption of the private key”, Fig. 2, ¶41, “the outer vault 44 encrypts the end-to-end-encrypted private key with PKIS-specific encryption, resulting in two layers of encryption for the private key”, i.e. second encrypted key is encrypted with a first key and the encrypted key is encrypted again with a second key to form a double encrypted private key).
receiving, by the transcoder, the second key, (¶19, “the term "PKI data" refers to… symmetric cryptographic keys, private keys”, ¶25, “PKI server (PKIS)-specific encryption can be used in addition to the end-to-end encryption, e.g., for PKI data being delivered from the PKI data generator 12 to the PKI loader 14. Such encryption is referred to herein as PKIS-specific encryption”, ¶34, “The database 36 is replenished periodically with newly-created PKI data from the PKI data generator 12, ¶28, “The PKI server 16 typically removes the PKIS-specific encryption layer (i.e., decrypts the PKIS-specific encryption layer with a PKIS-specific database key) from a set of PKI data retrieved from its database”, i.e. Examiner submits that a second key is received from the PKI data generator and stored in the database. The key is used to decrypt outer layer of the double encrypted private key, Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder) 
decrypting, by the transcoder, the second encrypted key using the second key to obtain the first encrypted key, (Fig. 3(78), ¶44, “the PKI server 16 performs PKIS decryption of the PKIS-encrypted private key stored therein, resulting in an end-to-end-encrypted private key”, Fig. 5(132), ¶78, “a step 134 of the PKI server 16 decrypting the outer encryption layer of the encrypted PKI data”, i.e. second encrypted data is decrypted with the second key, Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder).
encrypting, by the transcoder, the first encrypted key using [the third key] to create a third encrypted key; (Fig. 3, ¶45, “The PKI server 16 then encrypts the end-to-end-encrypted private key with a PKIS session key, resulting in a PKIS session key-encrypted private key. Such encryption is shown generally as PKIS session key encryption 82”, Fig. 5(136), ¶78, “a step 136 of the PKI server 16 encrypting a different outer layer on the encrypted PKI data are performed”, i.e. first encrypted key is encrypted by a session (third) key, Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder)  and 
sending, by the transcoder, [the third] encrypted key to a destination node. (Fig. 3, “PKI server 16 transfers the double-encrypted private key to the PKI station 18”, ¶45, “Fig. 5(128), ¶80, “The method 120 also includes a step 128 of transferring the PKIS session key-encrypted PKI data to the PKI station 18”, i.e. the double-encrypted private key (third encrypted data) is transmitted to the PKI station (destination node), Examiner submits that as per disclosure paragraph 65 the secure transcoder is implemented as hardware, software, etc. or any combination thereof. Thus examiner has interpreted the PKI server and/or its component, software etc. as transcoder).
Sprunk does not teach explicitly,
independently generating, by the transcoder, a third key; 
[encrypting, by the transcoder, the first encrypted key using] the third key [to create a third encrypted key];
sending, by the transcoder, the third [encrypted] key to a destination node.
However, Rameez teaches,
independently generating, by the transcoder, a third key; (Fig. 2A(233), ¶73, “At step 233, the authorization system generates a complementary third key pair, comprising a third encryption key and a third decryption key”, ¶75, i.e. a third key is independently generated).
[encrypting, by the transcoder, the first encrypted key using] the third key (Fig. 2A(233), ¶73, “At step 233, the authorization system generates a complementary third key pair, comprising a third encryption key and a third decryption key”, “The purpose of the key pair is for the third encryption key to encrypt the dual-encrypted data”, i.e. a third key is independently generated to encrypt the data) [to create a third encrypted key];
sending, by the transcoder, the third [encrypted] key to a destination node. (Fig. 2A (243, 251), ¶79, “the encryption system sends the download link to the authorization system”, ¶80, “the authorization system receives the download link, and sends the download link and the third decryption key to the user”, i.e. third key is sent to the destination node).
As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness.
It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Rameez with the invention of Sprunk in view of Rameez.
Sprunk teaches, receiving a second key and decrypting the second layer of double encrypted data. Rameez teaches, generating a third encryption key to encrypt double encrypted data. Therefore, it would have been obvious to have generating a third encryption key to encrypt double encrypted data of Rameez with receiving a second key and decrypting the second layer of double encrypted data of Sprunk such that the third decryption key can be used to remove the second encryption layer. The third key pair may be selected for proxy re-encryption. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). 
Regarding Claim 25, it is a computer program product Claim of above method Claim 11 and therefore Claim 25 is rejected with the same rationale as applied against Claim 11 above. Sprunk further teaches, a computer readable medium in paragraph 85. In addition Rameez teaches the limitation, “and program instructions to send, by the transcoder, the third key to the destination node”. (Fig. 2A (243, 251), ¶79, “the encryption system sends the download link to the authorization system”, ¶80, “the authorization system receives the download link, and sends the download link and the third decryption key to the user”, i.e. third key is sent to the destination node).

Regarding Claim 12 rejection of Claim 11 is included and, for the same motivation Sprunk does not teach explicitly,
The computer-implemented method of claim 11, sending, by the transcoder, the third key to the destination node, wherein the destination node is configured to decrypt the third encrypted key using the third key to obtain the first encrypted key, wherein the destination node is configured to decrypt the first encrypted key using the first key to obtain the key.
However, Rameez teaches,
The computer-implemented method of claim 11, sending, by the transcoder, the third key to the destination node, (Fig. 2A (243, 251), ¶79, “the encryption system sends the download link to the authorization system”, ¶80, “the authorization system receives the download link, and sends the download link and the third decryption key to the user”, i.e. third key is sent to the destination node)  wherein the destination node is configured to decrypt the third encrypted key using the third key to obtain the first encrypted key, wherein the destination node is configured to decrypt the first encrypted key using the first key to obtain the key. (Fig. 2B (302, 303), ¶99, “At step 302 the user decrypts the dual-re-encrypted data using the third decryption key received at step 261”, ¶100, “At step 303, the user decrypts the encrypted data using the first key”). 

Regarding Claim 13 rejection of Claim 11 is included and, for the same motivation Sprunk does not teach explicitly,
The computer-implemented method of claim 12, wherein the destination node uses the key to decrypt data from a source node.
However, Rameez teaches,
The computer-implemented method of claim 12, wherein the destination node uses the key to decrypt data from a source node. (Fig. 2b, ¶100, “At step 303, the user decrypts the encrypted data using the first key obtained directly or indirectly from the owner. This results in the original data”).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  Refer to PTO-892, Notice of References Cited for a listing of analogous art.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Justin Donohoe (US PGPUB. # US 2019/0207769) discloses, a database security platform for providing secure access to private data in an encrypted storage area. A disclosed system includes a database application configured to receive queries from application users requiring access to encrypted private data; a middle security layer callable from the database application to facilitate predefined access to the encrypted private data; a root security layer configured to receive a decryption request from the middle security layer, perform decryption on specified encrypted private data, and return decrypted data to the middleware layer; a hashing system that generates a hash of the middle security layer and root security layer to ensure integrity of the middle security layer and root security layer; and an auditing detection system that detects malicious auditing of parameters.
Monica et al. (US PGPUB. # US 2020/0266997) discloses, secure storage and retrieval of information, such as private keys, useable to control access to a blockchain, include, in at least one aspect, a method including: identifying for an action an associated private-keys group out of different private-keys groups, each having an associated cryptographic group key; decrypting, at a first computer, a first level of encryption of a private key associated with the action using the associated cryptographic group key; decrypting, at a second computer distinct from the first computer, a second level of encryption of the private key associated with the action using a hardware-based cryptographic key used by the second computer; using, at the second computer, the private key associated with the action in a process of digitally signing data to authorize the action; and sending the digitally signed data to a third computer to effect the action. 
Bild et al. (US PGPUB. # US 2019/0306124) discloses, a first computing entity receiving a request for first data from an affiliated source device by a user device. When a re-encryption key of the user device is not based on a key pair of the first computing entity the method further includes decrypting the first encrypted data using a private key of the first computing entity and encrypting the recovered first data with a public key of a second computing entity to produce second encrypted data. The method further includes encrypting the second encrypted data with the re-encryption key of the user device to produce double encrypted data. The method further includes sending the double encrypted data to the user device, where the user device is capable of decrypting the double encrypted data to recover the first data using a private key of the user device based on a key pair of the second computing entity.
De Gaspari et al. (US PGPUB. # US 2019/0297063) discloses, producer communicates over a network with a user application in an infrastructure-as-a-service (IaaS) and an IaaS node. The producer encrypts content with first encryption using a first key and second encryption using a second key, to produce twice encrypted content. The producer encrypts the second key with attribute-based encryption and symmetric encryption using an IaaS key, to produce a twice encrypted second key. The producer provides to the user application the twice encrypted content, the twice encrypted second key, and key information configured to remove the first encryption from the twice encrypted content. The producer provides to the IaaS node the IaaS key to enable the IaaS node to remove the symmetric encryption from the twice encrypted second key, such that the user application and the IaaS node are constrained to exchange with each other key-related information and intermediate decryption results in order to recover the content.
Firestone et al. (US PAT. # US 10,187,200) discloses, a method that encrypts each of a plurality of segments of a binary value using a selected block cipher of a plurality of block ciphers and a unique symmetric key of a first plurality of unique, symmetric keys to produce a first ciphertext. The method further encrypts each of a plurality of segments of the first ciphertext using a selected block cipher of the plurality of block ciphers and a unique symmetric key of a second plurality of unique, symmetric keys to produce a second ciphertext. The selected block cipher used to encrypt a first segment of the binary value to produce a first segment of the plurality of segments of the first ciphertext is different than the selected block cipher used to encrypt the first segment of the ciphertext to produce a first encrypted segment of the second ciphertext.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DARSHAN I DHRUV/          Primary Examiner, Art Unit 2498