Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawing Objection
.    The drawings are objected to because drawings (Figs 1, 4A & 4B) contain blank boxes and numbers. Applicant must supply a suitable legend/name/identification text. A proposed drawing correction or corrected drawings are required in reply to the Office action to avoid abandonment of the application. The objection to the drawings will not be held in abeyance. 
The following are direct quotations of 37 CFR 1.84(n), (o), repeated below:(n)     Symbols. Graphical drawing symbols may be used for conventional elements   
when appropriate. The elements for which such symbols and   labeled representations are used must be adequately identified in the specification. Known devices should be illustrated by symbols which have a universally recognized conventional meaning and are generally accepted in the art. Other symbols which are not universally recognized may be used, subject to approval by the Office, if they are not likely to be confused with existing conventional symbols, and if they are readily identifiable.
(o)      Legends. Suitable descriptive legends  (/name/identification text) may be used subject to approval by the Office, or may be required by the examiner where necessary for understanding of the drawing. They should contain as few words as possible.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper time-wise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  
Claims 2, 7-9, 12, 17-19 , 21 & 26-28 of instant Application US 17/320762 are rejected on the ground of nonstatutory anticipatory type double patenting as being unpatentable over claims 1-4, 8, 15-17-20 & 24.  of  US patent US11018871. Although the conflicting claims are not identical, they are not patentably distinct from each other because the claims both in the present application and the US patent discloses a method and systems providing security to stored user credential (private key)l .
The table below shows the  of claims 2, 7-9, 12, 17-19, 21 & 26-28)  of the instant application being anticipated by the conflicting US patent US11018871 
Claim No.
Limitations of Instant Application       US17320762
Limitations of the US patent 11018871
Claim No.
2
2. (New) A processing device in a computing system, comprising: non-volatile data storage hardware, wherein the data storage hardware stores at least one secure credential that is uniquely associated with the processing device, wherein the secure credential includes a private key of a public-private key pair; and execution circuitry comprising at least one security accelerator and at least one processor core, the execution circuitry to perform operations to: access a symmetric wrapper key in a first memory of the computing system, the symmetric wrapper key associated with a client entity, wherein the symmetric wrapper key is encrypted in the first memory, and wherein the symmetric wrapper key is encrypted based on a public key of the public- private key pair; decrypt the symmetric wrapper key using the private key of the public-private key pair; access a client private key in a second memory of the computing system, the client private key associated with the client entity, wherein the client private key is encrypted in the second memory, and wherein the client private key is encrypted based on the symmetric wrapper key; decrypt the client private key with the symmetric wrapper key; and execute a computation in a trusted execution environment of the processing device, using the client private key, to produce a computation result for the client entity.

7. (New) The processing device of claim 2, wherein the non-volatile data storage hardware includes a set of programmable fuses, and wherein the secure credential is stored using the programmable fuses.

8. (New) The processing device of claim 2, the security accelerator further to perform at least one cryptographic operation for the computation.  

9. (New) The processing device of claim 2, the execution circuitry further to provide the computation result to the client entity via a secured communication.

1. A security accelerator device, comprising: execution hardware including at least one processor core, and non-volatile data storage hardware, wherein the data storage hardware includes: a first credential that is uniquely associated with the security accelerator device and represents a root of trust to a trusted entity, wherein the trusted entity provides the first credential to the security accelerator device and wherein the first credential is a private key of a public/private key pair of the security accelerator device; and instructions that, when executed by the execution hardware, cause the security accelerator device to: receive, from a client entity, a symmetric wrapper key, wherein the symmetric wrapper key is encrypted with a public key of the public/private key pair of the security accelerator device; establish a cryptographic trust relationship with the client entity that is based on the root of trust, the cryptographic trust relationship being represented by a second credential and wherein the client entity executes with a processor separate from the at least one processor core and wherein the second credential is the symmetric wrapper key decrypted by the security accelerator device; receive from the client entity, a secret client credential of the client entity, wherein the secret client credential is encrypted with the symmetric wrapper key; decrypt the secret client credential with the symmetric wrapper key; store the secret client credential; and execute a cryptographic computation in a trusted execution environment of the security accelerator device using the secret client credential on behalf of the client entity to produce a computation result.
2. The security accelerator device of claim 1, wherein the first credential is permanently set in the security accelerator device.
3. The security accelerator device of claim 1, wherein the non-volatile data storage hardware includes a set of factory-programmable fuses, and wherein the first credential is stored in the factory-programmable fuses.
4. The security accelerator device of claim 1, wherein the instructions, when executed by the execution hardware, cause the security accelerator device to pass the computation result to the client entity via a secured return communication.

8. A computing platform, comprising: execution hardware including at least one processor core, and data storage hardware, wherein the data storage hardware includes: a secret client credential; and instructions that, when executed by the execution hardware, cause the computing platform to instantiate a client entity configured to: receive a first credential of a security accelerator device, the first credential being uniquely associated with the security accelerator device and representing a root of trust to a trusted entity, wherein the security accelerator device executes with a processor separate from the at least one processor core, wherein the first credential is a private key of a public/private key pair of the security accelerator device, and wherein the trusted entity provides the first credential to the security accelerator device; provide, to the security accelerator device, a symmetric wrapper key, wherein the symmetric wrapper key is encrypted with a public key of the public/private key pair of the security accelerator device; establish a cryptographic trust relationship with the security accelerator device that is based on the root of trust, the cryptographic trust relationship being represented by a second credential, wherein the second credential is the symmetric wrapper key decrypted by the security accelerator device; provide the secret client credential to the security accelerator device via communication secured by the second credential, wherein the secret client credential is encrypted with the symmetric wrapper key; send a message to the security accelerator device to be cryptographically processed by the security accelerator device in a trusted execution environment of the security accelerator device using the secret client credential to produce a computation result; and receive the computation result. 

15. The computing platform of claim 8, wherein the computing platform is interfaced with the security accelerator device via a communication network.

16. The computing platform of claim 8, wherein the computing platform is interfaced with the security accelerator device via a system interconnect.



1 
12
12. (New) A method for secure operation of a processing device, comprising: identifying at least one secure credential that is uniquely associated with the processing device, wherein the secure credential includes a private key of a public-private key pair; obtaining a symmetric wrapper key, the symmetric wrapper key provided from a client entity, wherein the symmetric wrapper key is encrypted, and wherein the symmetric wrapper key is encrypted based on a public key of the public-private key pair; decrypting the symmetric wrapper key using the private key of the public-private key pair; obtaining a client private key, the client private key provided from the client entity, wherein the client private key is encrypted, and wherein the client private key is encrypted based on the symmetric wrapper key; decrypting the client private key with the symmetric wrapper key; and executing a computation in a trusted execution environment of the processing device, using the client private key, to produce a computation result for the client entity.
17. (New) The method of claim 12, wherein the at least one secure credential is stored in non-volatile data storage hardware, the non-volatile data storage hardware provided from a set of programmable fuses of the processing device.  
18. (New) The method of claim 12, further comprising: performing at least one cryptographic operation for the computation, using a security accelerator of the processing device.  
19. (New) The method of claim 12, further comprising: providing the computation result to the client entity via a secured communication.

17. A method for operating a security accelerator device, comprising: storing, in non-volatile memory, a first credential that is uniquely associated with the security accelerator device and represents a root of trust to a trusted entity, wherein the trusted entity provides the first credential to the security accelerator device and wherein the first credential is a private key of a public/private key pair of the security accelerator device; receiving, from a client entity, a symmetric wrapper key, wherein the symmetric wrapper key is encrypted with a public key of the public/private key pair of the security accelerator device; establishing, by the security accelerator device, a cryptographic trust relationship with the client entity that is based on the root of trust, the cryptographic trust relationship being represented by a second credential, wherein the security accelerator device and the client entity execute on separate processors, wherein the second credential is the symmetric wrapper key decrypted by the security accelerator device; receiving from the client entity, a secret client credential of the client entity, wherein the secret client credential is encrypted with the symmetric wrapper key; decrypting the secret client credential with the symmetric wrapper key; storing, in the non-volatile memory, the secret client credential; and executing, by the security accelerator device in a trusted execution environment of the security accelerator device, a cryptographic computation using the secret client credential on behalf of the client entity to produce a computation result.

18. The method of claim 17, further comprising: passing, by the security accelerator device, the computation result to the client entity via a secured return communication.
17
21
21. (New) At least one non-transitory machine-readable medium, comprising instructions that, when executed by a processing device, cause the processing device to: identify at least one secure credential that is uniquely associated with the processing device, wherein the secure credential includes a private key of a public-private key pair; obtain a symmetric wrapper key, the symmetric wrapper key provided from a client entity, wherein the symmetric wrapper key is encrypted, and wherein the symmetric wrapper key is encrypted based on a public key of the public-private key pair; decrypt the symmetric wrapper key using the private key of the public-private key pair; obtain a client private key, the client private key provided from the client entity, wherein the client private key is encrypted, and wherein the client private key is encrypted based on the symmetric wrapper key; decrypt the client private key with the symmetric wrapper key; and execute a computation in a trusted execution environment of the processing device, using the client private key, to produce a computation result for the client entity.
26. (New) The at least one non-transitory machine-readable medium of claim 21, wherein the at least one secure credential is stored in non-volatile data storage hardware, the non-volatile data storage hardware provided from a set of programmable fuses of the processing device.  
27. (New) The at least one non-transitory machine-readable medium of claim 21, the instructions further to cause the processing device to: perform at least one cryptographic operation for the computation, using a security accelerator of the processing device.  
28. (New) The at least one non-transitory machine-readable medium of claim 21, the instructions further to cause the processing device to: provide the computation result to the client entity via a secured communication.

20. At least one non-transitory machine-readable medium, comprising: a secret client credential; and instructions that, when executed by execution hardware, cause the execution hardware to: instantiate a client entity configured to: receive a first credential of a security accelerator device, the first credential being uniquely associated with the security accelerator device and representing a root of trust to a trusted entity, wherein the security accelerator device executes on a processor separate from the execution hardware, wherein the first credential is a private key of a public/private key pair of the security accelerator device, and wherein the trusted entity provides the first credential to the security accelerator device; provide, to the security accelerator device, a symmetric wrapper key, wherein the symmetric wrapper key is encrypted with a public key of the public/private key pair of the security accelerator device; establish a cryptographic trust relationship with the security accelerator device that is based on the root of trust, the cryptographic trust relationship being represented by a second credential, wherein the second credential is the symmetric wrapper key decrypted by the security accelerator device; provide the secret client credential to the security accelerator device via communication secured by the second credential, wherein the secret client credential is encrypted with the symmetric wrapper key; send a message to the security accelerator device to be cryptographically processed by the security accelerator device in a trusted execution environment of the security accelerator device using the secret client credential to produce a computation result; and receive the computation result.
20

	
	 Claims 3-4, 6, 10-11, 13, 14, 16, 20, 22-23, 25, & 29 of instant Application US 17/320762 are rejected on the ground of non-statutory obviousness type double patenting as being unpatentable over claims 1-12, 17 & 21.  of  conflicting US patent US11018871 in view of Raghuram (US20140089658) 
Regarding claims 3, 13 & 22, conflicting US patent teaches limitation of claim 1 and  Raghuram teaches decryption wherein the trusted execution environment is implemented using at least one secure enclave. [para 0052, … trusted platform module….]. 
Motivation  has been the efficient and improved use of symmetric key for securing the user private key. (para 0035-0036, Rgahuram)
Regarding  claims 4. 14 & 23, conflicting US patent teaches limitation of claim 1 and  Raghuram teaches wherein the computation result is part of a client workload, wherein the client workload is executed with the execution circuitry using at least one of: a virtual network function, a virtual machine, or a container. [ para 0035],…. virtual machine image…]
Motivation  has been to make  efficient and improved use of symmetric key for securing the user private key. (para 0035-0036, Rgahuram)
Regarding claims 6, 16 & 25, conflicting US patent teaches limitation of claim 1 and  Raghuram teaches wherein the processing device comprises: a central processor unit (CPU); a system-on-chip (SoC); a smart network interface card (NIC); or a Peripheral Component Interconnect (PCI) Express device.  [paras 0024-0026]
Motivation  has been to make  efficient and improved use of symmetric key for securing the user private key. (para 0035-0036, Rgahuram)
Regarding claims 10, 20 & 29, conflicting US patent teaches limitation of claim 1 and Raghuram teaches wherein the client entity corresponds to a (i) customer, (ii) tenant, or (iii) operator of a virtual network function, a virtual machine, or a container of the processing device.  [paras 0020-0022]
Motivation  has been to make  efficient and improved use of symmetric key for securing the user private key. (para 0035-0036, Rgahuram)
Regarding claim 11, conflicting US patent teaches limitation of claim 1 and  Raghuram teaches wherein the execution circuitry performs the operations based on instructions provided in firmware.  [para 0024]
Motivation  has been to make  efficient and improved use of symmetric key for securing the user private key. (para 0035-0036, Rgahuram)

	Claims 5, 15 & 24 of instant Application US 17/320762 are rejected on the ground of nonstatutory obviousness type double patenting as being unpatentable over claims 1-12, 17 & 21.  of  conflicting US patent US11018871.in view of Campagna (US9866392)
Regarding claims 5, 15 & 24, conflicting US patent teaches limitations of claim 1, 12 & 21 and  Campagna teaches wherein the secure credential is permanently set, and wherein the secure credential represents a root of trust to one of: a manufacturer of the security accelerator or the processing device; a distributor of the security accelerator or the processing device: an original equipment manufacturer of a product incorporating the security accelerator or the processing device; a credential authority; or an owner or system administrator entity of the computing system in which the processing device is deployed.  [Column 13, lines 25-45,  …root of trust. public …key corresponding to a private ..key…]
Motivation has been to provide efficient and improved techniques  to allow security modules to share the cryptographic information for the purpose of availability, durability and scalability. (Column 02, lines 35-45, Compagna)  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims 2-4, 6, 8-14, 16, 18-23, 25 & 27-29 are rejected under 35 USC 103 as being unpatentable over Raghuram (US20140089658) in view of Peddada (US20160261408)
Regarding claim 2, Raghuram teaches:
a processing device in a computing system, comprising: non-volatile data storage hardware, wherein the data storage hardware stores at least one secure credential that is uniquely associated with the processing device, wherein the secure credential includes a private key of a public-private key pair; [paragraph 0036: [0036] Referring now to FIG. 4, similar to the customer computing device 102, the host computing device 148 may establish an environment 400 for securely decrypting the virtual machine image 124. The environment 400 includes a security engine 212, a virtual machine management module 412, a trust agent module 414, and a communication module 416. In some embodiments, the security engine 212 may be executed by the processor 204 to perform security and cryptographic procedures to securely provision the virtual machine image 124. In some embodiments, the security engine 212 may be embodied as, or otherwise include, a security co-processor of the host computing device 148, a cryptographic accelerator incorporated into the processor 204, or a stand-alone cryptographic software/firmware. 
 and execution circuitry comprising at least one security accelerator and at least one processor core, the execution circuitry to perform operations to: access a symmetric wrapper key in a first memory of the computing system, the symmetric wrapper key associated with a client entity, wherein the symmetric wrapper key is encrypted in the first memory, and wherein the symmetric wrapper key is encrypted based on a public key of the public- private key pair; decrypt the symmetric wrapper key using the private key of the public-private key pair; [paragraph 0036: referring now… cryptographic software/firmware. As discussed in further detail below, the security engine 212 may generate an asymmetric key pair including a host public key and a host private key. Further, the security engine 212 may receive a symmetric cryptographic (wrapper) key from the key management server 106 that has been encrypted with the host public key. The decrypted symmetric (wrapper) key is then subsequently used to decrypt the encrypted virtual machine image 408 so that the host computing device 148 may provision the decrypted virtual machine image 124. As such, the security engine 212 may access the encryption keys (symmetric wrapper key) 214 while performing cryptographic routines. In some embodiments, the encryption keys 214 may be stored in secure memory accessible to the security engine 212, whereas in other embodiments, the encryption keys 214 may be stored in the data storage device 216 or system memory 210 of the host computing device 148. Upon successful decryption of the encrypted virtual machine image 408, the virtual machine management module 412 is configured to provision the virtual machine image 124 (i.e., the decrypted form of the encrypted virtual machine image 408) on the host computing device 148.]
Although Raghuram teaches decryption of Symmetric Wrapper (encryption/cryptogamic ) Key, he does not teach expclitly, however, Peddada teaches:
access a client private key in a second memory of the computing system, the client private key associated with the client entity, wherein the client private key is encrypted in the second memory, and wherein the client private key is encrypted based on the symmetric wrapper key; decrypt the client private key with the symmetric wrapper key; [[0082] As described above, the private key of the key release 492 is encrypted using the symmetric key of the key release 492. In order to decrypt the encrypted private key of the key release 492, the HSM server 260 needs to determine the symmetric key of the key release 492. The HSM server 260 can use either the HSM 350 and its private key 352 or the HSM 355 and its private key 357 to decrypt the encrypted symmetric key of the key release 492. The HSM server 260 then uses the decrypted symmetric key of the key release 492 to decrypt the encrypted private key of the key release 492. ]
and execute a computation in a trusted execution environment of the processing device, using the client private key, to produce a computation result for the client entity.  [paragraph [0082] As described above, …. to decrypt the encrypted private key of the key release 492. With the decrypted private key of the key release 492, the HSM server 260 can decrypt the encrypted first key fragment 570 and the encrypted second key fragment 580 and derive the master key 308.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of conflicting US patent(US110188 with the disclosure of Peddada. The motivation or suggestion would have been to implement a system that will provide efficient and improved techniques for overcoming performance problems of asymmetric key cryptography. (para 0002-0006, Peddada)  
Regarding claims 3, 13 & 22, Raghuram teaches decryption wherein the trusted execution environment is implemented using at least one secure enclave. [para 0052, … trusted platform module….]
Regarding  claims 4. 14 & 23  Raghuram teaches wherein the computation result is part of a client workload, wherein the client workload is executed with the execution circuitry using at least one of: a virtual network function, a virtual machine, or a container. [ para 0035],…. virtual machine image…]
Regarding claims 6, 16 & 25, Raghuram teaches wherein the processing device comprises: a central processor unit (CPU); a system-on-chip (SoC); a smart network interface card (NIC); or a Peripheral Component Interconnect (PCI) Express device.  [paras 0024-0026]
Regarding claims 8, 18 & 27, Raghuram teaches  the security accelerator further to perform at least one cryptographic operation for the computation.  [paras 0034, & 0036]
Regarding claims 9, 19 & 28, Raghuram teaches the execution circuitry further to provide the computation result to the client entity via a secured communication.  [paras 0020, 0033 & 0038, etc.]
Regarding claims 10, 20 & 29, Raghuram teaches wherein the client entity corresponds to a (i) customer, (ii) tenant, or (iii) operator of a virtual network function, a virtual machine, or a container of the processing device.  [paras 0020-0022]
Regarding claim 11,  Raghuram teaches wherein the execution circuitry performs the operations based on instructions provided in firmware.  [para 0024]
Regarding claims 12 & 21, these claims are interpreted to be same as claim 1 and rejected for the same reasons as set forth for claim 1.

.Claims 5, 15 & 24 are rejected under 35 USC 103 as being unpatentable over Raghuram (US20140089658) in view of Peddada (US20160261408) and 
Campagna (US9866392 as indicated in IDS dated 10/06/2021)
Regarding claims 5, 15 & 24,  although Raghuram and Peddada teach secure credential as illustrated in claim 2, they do not teach expclitly, however, Campagna teaches wherein the secure credential is permanently set, and wherein the secure credential represents a root of trust to one of: a manufacturer of the security accelerator or the processing device; a distributor of the security accelerator or the processing device: an original equipment manufacturer of a product incorporating the security accelerator or the processing device; a credential authority; or an owner or system administrator entity of the computing system in which the processing device is deployed.  [Column 13, lines 25-45,  …root of trust. public …key corresponding to a private ..key…]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Raghuram and Peddada with the disclosure of Compagna. The motivation or suggestion would have been to implement a system that will provide efficient and improved techniques  to allow security modules to share the cryptographic information for the purpose of availability, durability and scalability. (Column 02, lines 35-45, Compagna)  

Claims 7, 17 & 26 are rejected under 35 USC 103 as being unpatentable over Raghuram (US20140089658) in view of Peddada (US20160261408) and 
Chen (US 20190058588 as indicated in IDS dated 10/06/2021)
Regarding claims 7, 17 & 26, although Raghuram and Peddada teach secure credential as illustrated in claim 2, they do not teach expclitly, however, Chen teaches  wherein the non-volatile data storage hardware includes a set of programmable fuses, and wherein the secure credential is stored using the programmable fuses. [para 0019] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Raghuram and Peddada with the disclosure of Chen. The motivation or suggestion would have been to implement a system that will provide efficient techniques for improving performance of the cryptographic engine by storing the metadata and key generation information efficiently in the persistent main memory.  (abstract, paras 0001, 0010-0013, Chen)  
Examiner’s Note: Following are the relevant arts shown in PTO-892 but not used in the office action.
1. Buer (EP1643675A1) teaches A stateless hardware security module may communicate with other devices via a secure communication channel. As a result, sensitive information such as cryptographic keys and data may be securely routed between the client device and another device. The stateless hardware security module may support a limited set of key management operations to facilitate routing of information between the client device and another device. However, the stateless hardware security module does not need to maintain state information for the keys it maintains and/or uses. As a result the stateless hardware security module may be advantageously integrated into a variety of client devices. A stateless hardware security module may support receiving keys in a secure manner from another device and storing and using these keys within a secure boundary. A stateless hardware security module may support generating a private/public key pair within a secure boundary, maintaining the private key within the secure boundary, and exporting the public key to an authenticating entity. The stateless security module may be implemented using a single-poly process, etc. In some embodiments the ability to use any process results from the use of an improved type of one-time programmable memory. 
2. Asanoma (US20030056099) discloses an embodiment of the present invention in which an issue system previously issues a smart card, and sends an encrypted private key and a public key certificate to a user terminal, when issuing a new card or updating an old card. A user terminal inputs the received encrypted private key and public key certificate into a smart card. A smart card stores a public key certificate, and decrypts the inputted encrypted private key by an encryptor/decryptor based on a symmetric key, and stores the obtained private key. Therefore, collection and redistribution of a smart card becomes unnecessary, when updating a private key and a public key certificate, saving the time and labor.
3. Mittal (US20100325732) teaches that a system administrator, while logged into a system-administrator account, creates and configures a key-administrator account and a member account. A key administrator, while logged into said key-administrator account, creates a group private key, a group public key, and a group symmetric key, a member private key, and a member public key. The key administrator encrypts the group private key with the group symmetric key, and encrypts said group symmetric key with the member public key. A publisher encrypts a document using the group public key. The publisher distributes the resulting encrypted group document so that it is accessible via said member account but not through said key-administrator account.
4. Scagnol (US20150242614) discloses a security component for authenticating a device, within which it is incorporated, with another device, the security component comprising a root identity generator configured to generate a root identity comprising a public root identity and a private root identity for the security component and an output configured to output the public root identity for sharing with the other device and to not output the private root identity.
5. Kumar (US20180357183)  describes A container from a first root of trust associated with a first root entity may be received. The container may correspond to a mapping of a resource of an integrated circuit that is associated with the first root entity. The container may be verified based on a key that corresponds to the first root of trust and that is stored in the integrated circuit at manufacturing of the integrated circuit. An identification may be made that an assignment of the resource from the container corresponds to assigning the resource from the first root of trust to a new root of trust. A new key corresponding to the new root of trust may be generated. Information corresponding to the new key may be stored into a memory of the integrated circuit. Furthermore, the new key may be used to delegate the resource to a subsequent container.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574.  The examiner can normally be reached on Monday-Friday-8:00am - 5:00pm (EST).If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHER A KHAN/           Primary Examiner, Art Unit 2497