Ex Parte Watanabe et al
Board of Patent Appeals and Interferences
Jul 27, 2012
10453015 (B.P.A.I. Jul. 27, 2012)

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE BOARD OF PATENT APPEALS AND INTERFERENCES

Ex parte YUJI WATANABE and MASAYUKI NUMAO

Appeal 2010-000405
Application 10/453,015
Technology Center 2400

Before DEBRA K. STEPHENS, ERIC S. FRAHM, and ERIC B. CHEN, Administrative Patent Judges.

FRAHM, Administrative Patent Judge.

DECISION ON APPEAL

STATEMENT OF CASE¹

Appellants appeal under 35 U.S.C. § 134(a) from a final rejection of claims 1-4, 9-20, and 22-26, all the claims pending in the application. Claims 5-8 and 21 have been canceled. We have jurisdiction under 35 U.S.C. § 6(b).

We affirm-in-part.

¹ Our decision will make reference to Appellants’ Appeal Brief filed April 10, 2009 (“App. Br.”), Appellants’ Reply Brief filed September 9, 2009 (“Reply Br.”), and the Examiner’s Answer mailed July 7, 2009 (“Ans.”).

Appellants’ Invention

Appellants’ invention relates to a cryptographic communication system, a server, programs, and devices for performing cryptographic communication including receiving and decrypting encrypted messages (Figs. 1-3; Abs.; claims 1, 9, 12, 14, and 16-19).

Exemplary Claims

Exemplary independent claims 1, 12, 14, 17, and 19 under appeal read as follows:

Claim 1. A cryptographic communication system, comprising:
a sender terminal for encrypting an original message and transmitting an encrypted message;
a recipient terminal for receiving and decrypting the encrypted message;
an agent terminal for decrypting the decrypted message in place of said recipient terminal; and
a conversion server for supporting the agent terminal to decrypt the encrypted message,
wherein said sender terminal encrypts the original message using a public key of said recipient terminal,
said recipient terminal generates a delegation key using a public key of said conversion server, a predetermined restricted condition, and a secret key for decryption of the encrypted message and passes the generated delegation key to said agent terminal, the delegation key allowing decryption of the encrypted message under the restricted condition,
said conversion server acquires at least part of the delegation key from the agent terminal and validates a power of said agent terminal to decrypt the encrypted message based on acquired information, and
said agent terminal decrypts the encrypted message with validation of said conversion server.

Claim 12. A terminal device, comprising:
delegation key holding means for holding a delegation key generated using a one-way hash function based on a public key of a predetermined conversion server, a predetermined restricted condition, and a secret key for decryption of an encrypted message, the delegation key allowing decryption of the message under the restricted condition;
inquiry means for transmitting at least part of the delegation key to the conversion server and receiving from the conversion server a parameter obtained as a result of validation of the conversion server according to the restricted condition; and
decryption means for decrypting the message by use of the parameter acquired from the conversion server and the delegation key.

Claim 14.
A server, comprising:
receiving means for receiving from a predetermined terminal device a predetermined restricted condition, part of a message encrypted with a first public key, and predetermined information encrypted with a second public key;
judgment means for judging whether or not the acquired restricted condition is satisfied;
parameter calculation means for decrypting the predetermined information with a secret key corresponding to the second public key and calculating a parameter for decryption of the message by use of the predetermined information, the restricted condition, and the part of the message encrypted with the first public key; and
transmitting means for transmitting to the predetermined terminal device the parameter calculated by said parameter calculation means.

Claim 17. A program embodied in computer readable storage medium for controlling a computer to decrypt an encrypted message, the program causing the computer to realize:
a function of holding in a predetermined storage a delegation key generated using a one-way hash function based on a public key of a predetermined conversion server, a predetermined restricted condition, and a secret key for decryption of an encrypted message, the delegation key allowing decryption of the message under the restricted condition;
a function of transmitting at least part of the delegation key to the conversion server and receiving from the conversion server a parameter obtained as a result of validation of the conversion server according to the restricted condition; and
a function of decrypting the message using the parameter acquired from the conversion server and the delegation key.

Claim 19.
A decryption method, comprising the steps of:
generating a delegation key based on a first secret key corresponding to a first public key, a predetermined restricted condition, and a second public key, the delegation key allowing decryption of the message under the restricted condition;
passing at least part of the delegation key to an external party having a second secret key corresponding to the second public key and acquiring from the external party a result of judgment whether or not decryption processing with the delegation key satisfies the restricted condition; and
decrypting the message, which is encrypted with the first public key, by use of the delegation key and the result of judgment of the external party.

The Examiner’s Rejection

The Examiner rejected claims 1-4, 9-20, and 22-26 as being unpatentable under 35 U.S.C. § 103(a) over Wang (US 6,859,533 B1), Brickell (US 2002/0147917 A1), and Matyas (US 4,924,515).² Ans. 3-8.

² Separate patentability under § 103(a) is not argued for claims 2-4, 10, 11, 13, 15, 20, and 22-26 rejected under § 103(a). App. Br. 28-29, 32, 37-38; see generally Reply Br. 4-21. Appellants only present arguments in the briefs as to the rejection of claims 1, 9, 12, 14, and 16-19 (see App. Br. 16-18; Reply Br. 4-20). Because Appellants’ arguments for each of claims 2-4, 9-11, 16, 20, and 22 present issues similar to the issues presented in claim 1 (claims 1, 9, and 16 each include the limitation of generating a “delegation key” using a “public key,” a “predetermined restricted condition,” and a “secret key”), and pursuant to our authority under 37 C.F.R. § 41.37(c)(1)(vii), we consider claim 1 to be representative of claims 1-4, 9-11, 16, 20, and 22.
Because claim 18 presents issues similar to the issues presented in claim 14 rejected under § 103(a) (claims 14 and 18 each recite “calculating a parameter for decryption”), we consider claim 14 to be representative of claims 14 and 18. In view of the foregoing, our discussion in this regard is limited to Appellants’ arguments as to the rejection of claim 14.
In summary, our decision will provide an analysis of only claims 1, 12, 14, 17, and 19.

Appellants’ Contentions

With regard to the obviousness rejection of claims 1-4, 9-20, and 22-26 over the combination of Wang, Brickell, and Matyas, Appellants contend (App. Br. 9-38; Reply Br. 4-21) that the Examiner erred in rejecting independent claims 1, 9, 12, 14, and 16-19 under 35 U.S.C. § 103(a) for numerous reasons, including:

(1) Matyas, at column 4, lines 39-64 and column 18, lines 36-43 or any other portion, fails to teach or suggest the generating a “delegation key” based on or using (i) a public key, (ii) predetermined restricted condition, and (iii) secret key as set forth in claims 1, 9, and 16 (App. Br. 9-21 and 32-34; Reply Br. 6, 10, and 17-18);

(2) Matyas’ control vector (C) is not generated based on or using (i) a public key, (ii) predetermined restricted condition, and (iii) secret key as set forth in claims 1, 9, and 16 (App. Br. 11);

(3) Matyas’ control vector checking unit is not equivalent to the delegation key recited in claims 1, 9, and 16 (Reply Br. 6, 10, and 17-18);

(4) Matyas’ control vector does not allow decryption of the encrypted message under a restricted condition, as recited in claim 1 (App. Br. 12-21);

(5) Matyas fails to teach or suggest (i) “inquiry means for transmitting at least part of the delegation key to the conversion server and receiving from the conversion server a parameter obtained as a result of validation of the conversion server according to the restricted condition” as recited in claim 12, and (ii) “a function of decrypting the message using the parameter acquired from the conversion server and the delegation key” as recited in claim 17, because Matyas fails to decrypt the message using the same parameter obtained from the validation of the conversion server according to the restricted condition (App. Br. 30-32 and 34-36; Reply Br. 14-19);

(6) Matyas fails to teach or suggest “calculating a parameter for decryption of the message” as recited in claims 14 and 18 (App. Br. 21-23 and 36-37; Reply Br. 10-11 and 19-20); and

(7) Matyas fails to teach or suggest “decrypting the message” by use of “the result of judgment of the external party” as recited in claim 19 (App. Br. 23-28; Reply Br. 11-14).

Issues on Appeal

Based on Appellants’ arguments, the following issues are presented on appeal:

(1) Did the Examiner err in rejecting claims 1-4, 9-11, 16, 20, and 22 as being obvious because the combination of Wang, Brickell, and Matyas fails to teach or suggest the delegation key limitation at issue in representative claim 1?

(2) Did the Examiner err in rejecting claims 12, 13, 17, and 25 as being obvious because the combination of Wang, Brickell, and Matyas fails to teach or suggest decrypting the message using the same parameter obtained from the validation of the conversion server according to the restricted condition, as set forth in claims 12 and 17?

(3) Did the Examiner err in rejecting claims 14, 15, 18, and 26 as being obvious because the combination of Wang, Brickell, and Matyas fails to teach or suggest “calculating a parameter for decryption of the message,” as set forth in representative claim 14, and similarly set forth in independent claim 18?

(4) Did the Examiner err in rejecting claims 19, 23, and 24 as being obvious because the combination of Wang, Brickell, and Matyas fails to teach or suggest “decrypting the message” by use of “the result of judgment of the external party” as recited in claim 19?

ANALYSIS

We have reviewed the Examiner’s rejections in light of Appellants’ arguments in the Appeal Brief (App. Br. 9-38) and Reply Brief (Reply Br. 4-21) that the Examiner has erred.

We agree with Appellants’ conclusions as to issues (2)-(4) specifically listed above (see Appellants’ Contentions (5)-(7) relating to the obviousness rejection of claims 12-19 and 23-26). However, as to issue (1), we disagree with Appellants’ Contentions (1)-(4), and instead we agree with the Examiner that the combination of Wang, Brickell, and Matyas teaches or suggests the delegation key limitation as set forth in claims 1, 9, and 16. With regard to representative claim 1, we adopt as our own (1) the findings and reasons set forth by the Examiner in the action from which this appeal is taken, and (2) the reasons set forth by the Examiner in the Examiner’s Answer in response to Appellants’ Appeal Brief (Ans. 3-4 and 8-13). We highlight and address certain arguments and findings, infra, regarding issues (1)-(4) as follows.

Claim 1

Matyas’ control vector C (see Fig. 5; col. 4, ll. 39-64 and col. 18, ll. 36-46) meets the limitation found in representative claim 1 of “a delegation key using a public key of said conversion server, a predetermined restricted condition, and a secret key for decryption of the encrypted message and passes the generated delegation key to said agent terminal, the delegation key allowing decryption of the encrypted message under the restricted condition.” The recitation in claim 1 of generating a delegation key using a predetermined condition broadly encompasses Matyas’ disclosure that “one or more time intervals are encoded into the control vector for the purpose of specifying when the associated cryptographic key may or may not be used for processing” (col. 18, ll. 39-42), and/or Matyas’ disclosure of “limiting access to keys according to instruction types or parameters within instructions” (col. 18, ll. 44-46).

In view of the foregoing, we will sustain the Examiner’s § 103(a) rejection of representative claim 1.

Claims 12 and 17

We agree with Appellants that Wang (and thus the combination of Wang, Brickell, and Matyas) fails to teach or suggest (i) “inquiry means for transmitting at least part of the delegation key to the conversion server and receiving from the conversion server a parameter obtained as a result of validation of the conversion server according to the restricted condition” as recited in claim 12, or (ii) “a function of decrypting the message using the parameter acquired from the conversion server and the delegation key” as recited in claim 17 (App. Br. 30-32 and 34-36; Reply Br. 14-19).

Wang fails to decrypt the message using the same parameter obtained from Brickell’s validation of Wang’s facilitator (i.e., conversion server) according to Matyas’ restricted condition, or the same parameter (i.e., Matyas’ control vector C) obtained from the conversion server (i.e., Wang’s facilitator).
Wang instead uses a parameter (the transformed message (r’, s) and the proxy key Π disclosed at Wang’s col. 18, ll. 3-5) different than that obtained from validation of the facilitator (i.e., conversion server). This is also different than Matyas’ disclosure that “more than one encrypted key and control vector are supplied as parameters to a cryptographic instruction” (col. 5, ll. 20-22). The Examiner’s articulation that Wang’s facilitator (i.e., conversion server) validates whether or not Matyas’ restricted condition is met using Matyas’ one-way hash function is conclusory and not supported by articulated reasoning with a rational underpinning (see Ans. 7 and 20-21).

In view of the foregoing, we will not sustain the Examiner’s § 103(a) rejection of claims 12 and 17.

Claim 14

We agree with Appellants’ contention (App. Br. 21-23; Reply Br. 10-11) that the combination of Wang, Brickell, and Matyas (and specifically, Matyas) fails to teach or suggest “calculating a parameter for decryption of the message,” as set forth in representative claim 14. Although a parameter is present in Matyas, the parameter (e.g., date and time information disclosed at col. 18, ll. 35-43) is not calculated, but is instead “encoded into the control vector” (col. 18, l. 40). Matyas is silent as to whether the parameter for decryption of a message is calculated, and the Examiner has not articulated how or why the combination of Wang, Brickell, and Matyas meets the “parameter calculation means” limitation including use of a first public key and a secret, or second public, key (see Ans. 6-7 and 14-16).

In view of the foregoing, we will not sustain the Examiner’s § 103(a) rejection of representative claim 14.

Claim 19

Finally, we agree with Appellants that the combination of Wang, Brickell, and Matyas fails to teach or suggest “decrypting the message” by use of “the result of judgment of the external party” as recited in claim 19 (App. Br. 23-28; Reply Br. 11-14). We do not agree with the Examiner’s determination that Matyas’ authorization is a result in judgment that is acquired by an external party (Ans. 18-19). Although Matyas discloses that the authorization or validation “specif[ies] when the associated cryptographic key may or may not be used for processing” based on a service request (col. 18, ll. 41-42), Matyas is silent as to whether the authorization is “acquired by an external party” as recited in claim 19. Similarly, although Matyas discloses calculating a one-way hash function for encrypting a cryptographic key (col. 10, ll. 51-56; Fig. 9), we cannot agree with the Examiner’s finding that Matyas’ one-way hash function is used by Wang’s facilitator (i.e., conversion server) to validate the satisfaction of the restricted condition (see Ans. 7).

In view of the foregoing, we will not sustain the Examiner’s § 103(a) rejection of claim 19.

CONCLUSIONS

(1) Appellants have demonstrated that the Examiner erred in rejecting claims 12-15, 17-19, and 23-26 as being unpatentable under 35 U.S.C. § 103(a) over the combination of Wang, Brickell, and Matyas.

(2) The Examiner did not err in rejecting claims 1-4, 9-11, 16, 20, and 22 as being obvious because the combination of Wang, Brickell, and Matyas teaches or suggests the delegation key limitation as set forth in independent claim 1 and similarly set forth in independent claims 9 and 16.

(3) Claims 1-4, 9-11, 16, 20, and 22 are not patentable.

DECISION

The Examiner’s decision to reject claims 12-15, 17-19, and 23-26 as being unpatentable under 35 U.S.C. § 103(a) over Wang, Brickell, and Matyas is reversed.

The Examiner’s decision to reject claims 1-4, 9-11, 16, 20, and 22 as being unpatentable under 35 U.S.C. § 103(a) over Wang, Brickell, and Matyas is affirmed.

No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv).

AFFIRMED-IN-PART

msc