Ex Parte Winget et al
Patent Trial and Appeal Board
Feb 21, 2013
10724995 (P.T.A.B. Feb. 21, 2013)

UNITED STATES PATENT AND TRADEMARK OFFICE

BEFORE THE PATENT TRIAL AND APPEAL BOARD

Ex parte NANCY CAM WINGET, HAO ZHOU, MARK KRISCHER, JOSEPH A. SALOWEY, JEREMY STIEGLITZ, SAAR GILLAI, and PADMANABHA CHELUVARAJU JAKKAHALLI

Appeal 2010-006968
Application 10/724,995
Technology Center 2400

Before DAVID M. KOHUT, BRYAN F. MOORE, and MICHAEL J. STRAUSS, Administrative Patent Judges.

STRAUSS, Administrative Patent Judge.

DECISION ON APPEAL

STATEMENT OF CASE

Appellants appeal under 35 U.S.C. § 134(a) from a rejection of claims 1, 2, 5-10, 15-21, 24, 26, and 27. Claims 3-4, 11-14, 22-23, and 25 have been canceled. We have jurisdiction under 35 U.S.C. § 6(b).

We affirm.

The claims are directed to a system and method for provisioning and authenticating via a network. Claim 1, reproduced below, is illustrative of the claimed subject matter:

1.
A method of authenticating communication between a first and a second party, the method comprising:

determining whether a shared secret exists between a peer and a server;

establishing a first secure tunnel between the peer and the server using asymmetric encryption responsive to determining the shared secret does not exist between the peer and the server;

receiving the shared secret via the first secure tunnel between the peer and the server responsive to the determining that the shared secret does not exist between the peer and the server and to the establishing the first secure tunnel;

tearing down the first secure tunnel;

establishing a subsequent new secure tunnel between the peer and the server using symmetric encryption and the shared secret after the tearing down the first secure tunnel and after the peer has received the shared secret;

mutually deriving a tunnel key for the subsequent new secure tunnel using symmetric cryptography based on the shared secret responsive to establishing the subsequent new secure tunnel;

authenticating a relationship between the peer and the server within the subsequent new secure tunnel upon mutually deriving the tunnel key for the subsequent new secure tunnel; and

cryptographically binding the subsequent new secure tunnel with conversations inside the subsequent new secure tunnel.

REFERENCES

The prior art relied upon by the Examiner in rejecting the claims on appeal is:

Dogan, US 2004/0268126 A1, Dec. 30, 2004

Kuehr-McLaren, US 6,978,298 B1, Dec. 20, 2005

Paul Funk & Simon Blake-Wilson, draft-ietf-eap-ttls-02.txt, EAP Tunneled TLS Authentication Protocol (EAP-TTLS), Internet-Draft PPPEXT Working Group; 30 Nov. 2002, pp. 1-40 (“Funk”)

Ian Downnard, Public-key cryptography extensions into Kerberos, IEEE December 2002/January 2003, pp. 30-34 (“Downnard”)

REJECTIONS [1]

The Examiner made the following rejections:

Claims 1, 2, 5, 6, 9, 10, 15-21, 24, 26, and 27 stand rejected under 35 U.S.C.
§ 103(a) as being unpatentable over Dogan, Kuehr-McLaren, and Funk. Ans. 3-4.

Claims 5-10 and 20 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Dogan, Kuehr-McLaren, Funk, and Downnard. Ans. 11-12.

[1] Although claims 1, 17 and 24 contain separate headings in Appellants’ Brief, the allegations of error in connection with claims 17 and 24 are the same as Appellants’ arguments with respect to claim 1. Therefore, our analysis with respect to claim 1 also applies with respect to claims 17 and 24.

APPELLANTS’ CONTENTIONS

1. “Dogan does not teach or suggest cryptographically binding a subsequent secure tunnel with conversations inside the subsequent secure tunnel as recited in claim 1.” App. Br. 11.

2. Dogan’s disclosure of communicating inside a new secure tunnel using the connection secret is different from the claimed conversation that is bound to the tunnel because, unlike the claimed cryptographic binding, Dogan’s system does not detect or prevent man-in-the-middle attacks. Id.

ISSUE ON APPEAL

Based on Appellants’ arguments in the Appeal Brief (App. Br. 10-16) and Reply Brief (Reply Br. 4-12), the issue presented on appeal is whether the combination of Dogan, Kuehr-McLaren, and Funk teaches or suggests the disputed claim limitation rendering the claims obvious under 35 U.S.C. 103(a).

ANALYSIS

We have reviewed the Examiner’s rejections in light of Appellants’ arguments that the Examiner has erred. We disagree with Appellants’ conclusions as to all rejections. We adopt as our own (1) the findings and reasons set forth by the Examiner in the action from which this appeal is taken and (2) the reasons set forth by the Examiner in the Examiner’s Answer in response to Appellants’ Appeal Brief. We concur with the conclusions reached by the Examiner. We highlight the following arguments for emphasis.

In connection with contention 1, Appellants argue that “Dogan does not teach or suggest cryptographically binding a subsequent secure tunnel with conversations inside the subsequent secure tunnel as recited in claim 1.” App. Br. 11. The Examiner responds:

[i]n defining what this cryptographic binding means, Appellant states that “This means that the conversation is associated with, or tied to, the tunnel.” This being the case, one of ordinary skill in the art would understand that data being encrypted and sent in this tunnel corresponds to cryptographically binding a tunnel with conversations inside the tunnel.

Ans. 14 referencing Appellants’ statements appearing at App. Br. 11. We agree with the Examiner’s analysis.

When construing claim terminology during prosecution before the Office, claims are to be given their broadest reasonable interpretation consistent with the specification, reading claim language in light of the specification as it would be interpreted by one of ordinary skill in the art. In re Am. Acad. of Sci. Tech. Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004). In this case, Appellants’ Specification does not expressly define “cryptographic binding” or otherwise indicate that this term is used in a manner other than its ordinary and customary meaning. Therefore we find that the Examiner reasonably adopted Appellants’ definition of cryptographic binding as argued in their Appeal Brief to mean associated with, or tied to, the tunnel. Furthermore, based on this definition, we agree with the Examiner that Dogan’s disclosure of encrypting and decrypting data “with a cipher initialized with the connection secret generated by the secret generation module 308” teaches or suggests the disputed feature of “cryptographically binding the subsequent new secure tunnel with conversations inside the subsequent new secure tunnel.” See Ans. 15 citing Dogan para. [0035].
Since Appellants have not provided sufficient evidence or argument to persuade us that Dogan’s disclosure of data being encrypted and sent in a tunnel fails to meet the requirement of cryptographically binding a tunnel with conversations inside the tunnel, we find contention 1 unpersuasive of Examiner error.

In connection with contention 2 Appellants argue that Dogan’s disclosure of communicating inside a new secure tunnel using the connection secret is different from the claimed conversation that is bound to the tunnel because, unlike the claimed cryptographic binding, Dogan’s system does not detect or prevent man-in-the-middle attacks. App. Br. 11. The Examiner responds that the claims do not refer to detecting or preventing man-in-the-middle attacks and “no part of the application is directed to detecting man-in-the-middle attacks.” Ans. 16. Furthermore the Examiner explains why the system of Dogan would prevent such attacks from occurring, noting that Appellants have not provided any argument to the contrary. Ans. 17. In the absence of sufficient evidence or argument that the claims require detection or prevention of man-in-the-middle attacks and that the teachings of Dogan would not provide such detection or prevention, we agree with the Examiner’s analysis and find contention 2 to be unpersuasive of Examiner error.

Finally, for the first time in the Reply Brief Appellants present additional arguments that Dogan, McLaren, and Funk do not disclose other limitations of claim 1. (See, e.g., Reply Br. 4-5 (asserting that the applied prior art is “silent on a decoupling feature in a method of authenticating communication between first and second parties wherein actions within the first tunnel are decoupled from the actions in the subsequent new tunnel”) and Reply Br.
7 (asserting that “Dogan does not teach or suggest the decoupling feature of the claims wherein an authentication is performed in a subsequent new tunnel established after an initial tunnel is torn down.”)) Appellants' arguments on these points, however, are untimely and waived. See Ex parte Borden, 93 USPQ2d 1473, 1474 (BPAI 2010) (informative) (“[T]he reply brief [is not] an opportunity to make arguments that could have been made in the principal brief on appeal to rebut the Examiner's rejections, but were not.”).

For the reasons discussed supra, we find that Appellants have failed to provide sufficient evidence or argument to persuade us that the combination of Dogan, Kuehr-McLaren, and Funk fails to teach or suggest the disputed claim limitations. Therefore we sustain the rejection of claim 1 and for the same reason claims 17 and 24 under 35 U.S.C. § 103(a) as being unpatentable over Dogan, Kuehr-McLaren, and Funk together with the rejections of claims 5-10, 15, 16, 18-21, 26, and 27 not separately argued.

CONCLUSIONS

On the record before us, we conclude that the Examiner did not err in rejecting claims 1, 2, 5, 6, 9, 10, 15-21, 24, 26, and 27 under 35 U.S.C. § 103(a) as being unpatentable over Dogan, Kuehr-McLaren, and Funk or in rejecting claims 5-10 and 20 under 35 U.S.C. § 103(a) as being unpatentable over Dogan, Kuehr-McLaren, Funk, and Downnard.

DECISION

The decision of the Examiner to reject claims 1, 2, 5-10, 15-21, 24, 26, and 27 is affirmed.

No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv).

AFFIRMED

ELD