14473042 (P.T.A.B. Jun. 28, 2018)

Ex Parte Hars

Patent Trial and Appeal BoardJun 28, 2018

14473042 (P.T.A.B. Jun. 28, 2018)

UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE 14/473,042 08/29/2014 128836 7590 07/02/2018 WOMBLE BOND DICKINSON (US) LLP Attn: IP Docketing P.O. Box 7037 Atlanta, GA 30357-0037 FIRST NAMED INVENTOR Laszlo Hars UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. 5013899.153US1 4306 EXAMINER GUIRGUIS, MICHAEL M ART UNIT PAPER NUMBER 2498 NOTIFICATION DATE DELIVERY MODE 07/02/2018 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): patentadmin@Boeing.com ipdocketing@wbd-us.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte LASZLO HARS Appeal2017-005894 Application 14/473,042 Technology Center 2400 Before ELENI MANTIS MERCADER, JAMES W. DEJMEK, and JASON M. REPKO, Administrative Patent Judges. REPKO, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Appellant1 appeals under 35 U.S.C. Â§ 134(a) from the Examiner's rejection of claims 1-8, 10-19, 21, and 22. App. Br. 2. 2 Claims 9 and 20 were canceled. We have jurisdiction under 35 U.S.C. Â§ 6(b ). We affirm-in-part. 1 Appellant identifies the real party in interest as The Boeing Company. App. Br. 1. 2 Throughout this opinion, we refer to the Final Rejection ("Final Act.") mailed February 16, 2016; the Appeal Brief ("App. Br.") filed August 23, 2016; the Examiner's Answer ("Ans.") mailed January 30, 2017; and the Reply Brief ("Reply Br.") filed February 27, 2017. Appeal2017-005894 Application 14/473,042 THE INVENTION Appellant's invention addresses malicious attempts to copy-and-paste memory blocks between different locations. Spec. ,r 7. The invention involves memory address-dependent encryption and address-dependent data authentication. Id. One embodiment uses a "tweakable" cipher. Id. In this cipher, part of a key (the tweak value) depends on the memory location or other information. Id. According to the Specification, this provides a desired diversification of the corresponding data encryption and authentication. Id. Claim 1 is reproduced below with our emphasis: 1. A system for providing security in a computer system, the system comprising one or more logic circuits configured to at least: produce an initial block of data from a respective address of a memory location in a memory, and a data version value that is updated with each write operation at the memory location having the respective address; generate a key from the initial block of data, including the one or more logic circuits being configured to calculate an updated block of data for each round of a plurality of rounds in a substitution-permutation network, including being configured to mix an input block of data through a substitution layer including a plurality of substitution boxes, and a linear transformation layer including a permutation, to produce the updated block of data, the input block of data or updated block of data being mixed with a round key respectively before the substitution layer or after the linear transformation layer, wherein the input block of data is the initial block of data for a first of the plurality of rounds, and the updated block of data for an immediately preceding round for each round thereafter, and the key is composed of the updated block of data for a last of the plurality of rounds; produce a block of ciphertext with the key; and perform a write operation to write the block of ciphertext at the memory location having the respective address, 2 Appeal2017-005894 Application 14/473,042 wherein the memory includes a window of memory locations each memory location of which stores a respective block of ciphertext produced with a respective key, and the respective key changes from memory location to memory location, and depends on the data version value and thereby changes with each write operation at each memory location. THE EVIDENCE The Examiner relies on the following as evidence: Adams et al. Sonnekalb Goettfert et al. Hawkes et al. Yap et al. us 5,825,886 US 2005/0002523 Al US 2006/0265563 Al US 2010/0115286 Al US 2015/0169472 Al THE REJECTIONS Oct. 20, 1998 Jan.6,2005 Nov. 23, 2006 May 6, 2010 June 18,2015 Claims 1, 2, 6-8, 10-13, 17-19, 21, and 22 stand rejected under 35 U.S.C. Â§ 103 as unpatentable over Hawkes, Goettfert, and Yap. Final Act. 3-11. 3 Claims 3, 5, 14, and 16 stand rejected under 35 U.S.C. Â§ 103 as unpatentable over Hawkes, Goettfert, Yap, and Sonnekalb. Final Act. 11- 13. Claims 4 and 15 stand rejected under 35 U.S.C. Â§ 103 as unpatentable over Hawkes, Goettfert, Yap, and Adams. Final Act. 14--15. 3 The Examiner lists claim 5 in this rejection's heading but does not include the claim in the substantive discussion that follows. See Final Act. 3-11. The Examiner, however, includes claim 5 in the heading and the corresponding discussion in the section regarding the combination of Hawkes, Goettfert, Yap, and Sonnekalb. See id. at 11-13. So, for the purposes of this appeal, we treat claim 5 as rejected over Hawkes, Goettfert, Yap, and Sonnekalb. 3 Appeal2017-005894 Application 14/473,042 THE OBVIOUSNESS REJECTION OVER HAWKES, GOETTFERT, AND YAP The Examiner's Findings The Examiner finds that Hawkes teaches every limitation in representative4 claim 1 except for (1) the recited window of memory locations and (2) a key based on the recited data version value. Final Act. 4-- 7. In concluding that claim 1 would have been obvious, the Examiner cites Goettfert and Yap as teaching these features. Id. Of relevance to the issue raised by Appellant, the Examiner finds that Yap teaches the recited data version value. Id. at 6. According to the Examiner, Yap teaches function 318 that generates a tweak from an address 308 and produces a different tweak for each sub-block. Ans. 16. The Examiner finds that Yap's function 318 takes a consecutive number as a parameter, and this parameter corresponds to the recited data version value. Id. Appellant's Contentions In Appellant's view, Yap's sub-block parameter does not update with each write operation. App. Br. 6-7; Reply Br. 2. According to Appellant, Yap' s parameter is always zero for the first sub-block, one for the second sub-block, and so on for the other blocks. App. Br. 6; Reply Br. 2. Appellant does not dispute that ( 1) Yap modifies a base tweak for each sub-block of a data block at an address, and (2) Yap's modification uses a different parameter for each sub-block. Reply Br. 3--4. Appellant, 4 Appellant argues claims 1, 6, 8, 10-12, 17, 19, 21, and 22 as a group. See App. Br. 7; Reply Br. 1--4. We select independent claim 1 as representative of claims 1, 6, 8, 10-12, 17, 19, 21, and 22. See 37 C.F.R. Â§ 4I.37(c)(l)(iv) (2015). 4 Appeal2017-005894 Application 14/473,042 however, argues that this does not change the key "with each write operation at each memory location." Id. at 4. According to Appellant, Yap's write operation writes data blocks to the address, not sub-blocks. Id. Analysis I The first limitation at issue in claim 1 recites, in part, "a data version value that is updated with each write operation at the memory location having the respective address" ( emphasis added). The Examiner interprets the data version value as encompassing a value that is updated for each write operation at each sub-block. Ans. 16. The Examiner further explains that the limitation does not require a value that is unique and distinct for each write operation at the location. Id. Rather, the claim only requires that the value is updated. Id. We agree. The Examiner's interpretation is consistent with the Specification. The Specification discloses more than one way to update the data version value. See, e.g., Spec. ,r,r 30-31. Several embodiments involve incrementing a counter in different ways. See id. In particular, one embodiment derives the data version from a global write counter (GWC). Id. ,r 30. The GWC indicates the number of encrypted write operations in a current computing session or, alternatively, over multiple computing sessions. Id. The data version value may be derived from a clock or incremented by an amount before any write operation. Id. ,r,r 30-31. In some embodiments, the incrementing may not cause the counter to wrap around in a typical application for several years of continuous operation. Id. ,r 31. But even these embodiments use a GWC that eventually wraps around, albeit after several years. Id. In general, the Specification describes 5 Appeal2017-005894 Application 14/473,042 several suitable ways to increment that neither require nor discuss a unique or distinct value for each write operation at the memory location. See id. ,r,r 30-31. Like the disclosed data version values (see, e.g., id. ,r,r 30-31), Yap's data version value may take the same value periodically but, nevertheless, is updated with each write operation at the memory location. Yap ,r 18; accord Ans. 16. This operation is shown in Yap's Figure 4, which is reproduced below. 400 Initiate encryption operations .. 402 Receive an address of data to be stored in the memory storage, Generate a base tweak as a function of the address of the data in the memory for a first block of the rnceiverl data. 404 406 Pad the address to pnxluce a base tweak having a fixed bi! length. 408 Enr.rypt the base tweak using an encryption key to pro(l uce an encr1pted base tweak. 410 412 Apply a !unction to the encrypted base tweak to produce an Ith modif1e