2019005301 (P.T.A.B. Dec. 23, 2020)

Ixia

Patent Trials and Appeals BoardDec 23, 2020

2019005301 (P.T.A.B. Dec. 23, 2020)

UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/014,315 08/29/2013 Andrei Cipu 1424/132/2 6729 148415 7590 12/23/2020 Keysight Technologies, Inc. In care of: CPA Global 900 Second Avenue South Suite 600 Minneapolis, MN 55402 EXAMINER BELL, KALISH K ART UNIT PAPER NUMBER 2432 NOTIFICATION DATE DELIVERY MODE 12/23/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): keysightdocketing@cpaglobal.com notice.legal@keysight.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte ANDREI CIPU, ALEXANDRU R. BADEA, and GEORGE CIOBANU Appeal 2019-005301 Application 14/014,315 Technology Center 2400 Before MICHAEL J. STRAUSS, JEREMY J. CURCURI, and PHILLIP A. BENNETT, Administrative Patent Judges. STRAUSS, Administrative Patent Judge. Appeal 2019-005301 Application 14/014,315 2 DECISION ON APPEAL1 STATEMENT OF THE CASE Pursuant to 35 U.S.C. § 134(a), Appellant2 appeals from the Examiner’s decision to reject claims 1–10, 12–21, and 23. See Final Act. 1. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. PRIOR APPEAL This Application was subject to prior appeal 2016-007540, decided on October 27, 2017 (our “prior Decision”), in which the Board affirmed the Examiner’s rejections of the claims then pending. CLAIMED SUBJECT MATTER The claims are directed to utilizing predetermined encryption keys in a test simulation environment. Claim 12, reproduced below with disputed limitations emphasized in italics, is illustrative of the claimed subject matter: 12. A system for utilizing predetermined encryption keys data in a test simulation environment, the system comprising: a device under test (DUT) configured to generate a DUT public key and to be subjected to an Internet protocol security (IPsec) test session; and a traffic emulation device configured 1 We refer to the Specification, filed August 29, 2013 (“Spec.”); Final Office Action, mailed September 28, 2018 (“Final Act.”); Advisory Action, mailed November 11, 2018 (“Advisory Act.”); Appeal Brief, filed March 7, 2019 (“Appeal Br.”); Examiner’s Answer, mailed April 18, 2019 (“Ans.”); and Reply Brief, filed June 18, 2019 (“Reply Br.”). 2 We use the term “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies the real party in interest as Keysight Technologies. Appeal Br. 2. Appeal 2019-005301 Application 14/014,315 3 to provision, prior to an initiation of a first Internet protocol security (IPsec) test session, the DUT with a first key exchange number that is known by both the DUT and the traffic emulation device, to generate, prior to the initiation of the first IPsec test session with the DUT, a private key and a public key, wherein the public key is generated by the traffic emulation device using a second key exchange number, to store the private key and the public key in a local storage, wherein the private key and the stored public key are mapped to the second exchange key number in the local storage, to retrieve the second exchange key number, the private key and the public key from the local storage upon the initiation of the first IPsec test session, to provide the second exchange key number and the public key to the DUT, wherein the DUT utilizes the second exchange key number and the previously provisioned first exchange key number to generate a DUT public key, to generate a shared secret key utilizing the retrieved private key and the DUT public key generated by and received from the DUT, to utilize the first shared secret key to exchange tunnel request and tunnel response messages to establish the first IPsec test session with the DUT, to retrieve after the first IPsec test session is established, the private key and the public key associated with the first IPsec test session from the local memory upon an initiation of a second IPsec test session between the traffic emulation device and the DUT, and to generate a second shared secret key for the second IPsec test session by utilizing the retrieved private key associated with the first IPsec test session and a second DUT public key generated by and received from the DUT by the traffic emulation device after the first IPsec test session is established. Appeal 2019-005301 Application 14/014,315 4 REFERENCES The prior art relied upon by the Examiner is: Name Reference Date Hellman US 4,200,770 Apr. 29, 1980 Mukherjee US 2008/0010523 A1 Jan. 10, 2008 Pyatkovskiy US 2012/0182884 A1 July 19, 2012 REJECTION Claims 1–10, 12–21, and 23 stand rejected under 35 U.S.C. § 103 as being unpatentable over Pyatkovskiy, Mukherjee, and Hellman. Advisory Act. 1–3; Final Act. 5–11. OPINION Examiner’s Findings The Examiner finds Pyatkovkiy’s method of fast secure sockets layer (SSL) testing using pre-calculated cryptographic data teaches or suggests a system as described in the preamble of claim 12, including a traffic emulation device subjecting a device under test (DUT) to simulated traffic. Advisory Act. 2. The Examiner applies Mukherjee for teaching the DUT is specifically subjected to an Internet protocol security (IPsec) test session and teaching the generation of public keys using first and second key exchange numbers.3 Id. at 2–3. U.S. Patent No. 4,200,770 of Martin Hellman, Bailey [Whitefield] Diffie, and Ralph Merkle, is relied upon for teaching the 3 We note that claim 12 uses the terms “first [second] key exchange number” and “first [second] exchange key number.” For purposes of this appeal, we treat the slight difference in terminology, reversing the words “exchange” and “key,” as unintentional typographical errors rather than defining different numbers. Appeal 2019-005301 Application 14/014,315 5 exchange of key numbers between the DUT and the traffic emulation device (i.e., use of the “Diffie-Hellman” key exchange method named after two of the three listed inventors). Id. at 3. The Examiner provides reasoning in support of combining the teachings of the three applied references. Id. Addressing the requirement to generate a second shared secret for a second IPsec test session using (i) the private key from the first IPsec test session and (ii) a second DUT public key generated after the first IPsec test session is established, the Examiner finds: Although not explicitly disclosed by Pyatkovskiy, before the effective filing date of the invention, it would have been obvious to try “utilizing the private key associated with the first test session” because the only other available options are to either: (1) utilize a new private key; or (2) refrain from utilizing a private key (see MPEP § 2143(I)(E)[4]). Id. at 2. Appellant’s Contention and Analysis Appellant contends the prior art and, in particular, Pyatkovskiy, fails to teach or suggest the disputed combination of keys and timing of key generation recited by the disputed limitations of the independent claims. Appeal Br. 12. Appellant argues “Pyatkovskiy discloses that the server uses the server private key during the client key exchange process . . . [not] retrieval of a private key after the establishing of a first IPsec test session and triggered upon the initiation of a second IPsec test session as set forth in independent claim 1.” Appellant emphasizes the claims recite “using a 4 “‘Obvious to try’- choosing from a finite number of identified, predictable solutions, with a reasonable expectation of success” Appeal 2019-005301 Application 14/014,315 6 private key associated with an established first session upon the initiation of a second/different session instead of using a private key that is included as a cryptographic variable of a particular [pre-calculated encryption data (PCCD)] set as described by the Examiner.” Id. at 13. According to Appellant: [T]he cited references do not teach or suggest generating a second shared secret key for the second IPsec test session by utilizing the retrieved private key associated with the first IPsec test session and a second DUT public key generated by and received from the DUT by the traffic emulation device after the first IPsec test session is established. Id. Appellant argues, although Pyatkovskiy teaches using multiple keys within each PCCD set of keys, there is no teaching to use some keys from one session with keys generated for another session as required by the claims: While appellant agrees that Pyatkovskiy may imply using both a second private key and a second DUT public key that belong to a second PCCD memory set to generate a second shared secret (e.g., see memory set 510-2 in Figure 5 of Pyatkovskiy), there is no teaching or motivation in Pyatkovskiy to combine, mix, or utilize different keys and variables “interchangeably” among the different and separate PCCD memory sets. Id. at 14. Appellant further argues it would not have been obvious to try using the first private key with the later-generated second DUT public key: [A]ppellant respectfully disagrees with the Examiner’s reasoning that it would have been obvious to try utilizing a private key associated with the first test session with any other test session (i.e., other than the first test session). It is respectfully submitted that there is no teaching, suggestion, or motivation in Pyatkovskiy, alone or in combination with Mukherjee and Hellman, to use a private key that is associated with a first PCCD Appeal 2019-005301 Application 14/014,315 7 memory set along with a public key that is included in a second memory set since Pyatkovskiy discloses the pre-calculation of all the values/keys of each PCCD memory set from the onset. To do otherwise would frustrate the aim of Pyatkovskiy, which is to have all of the values pre-calculated prior to executing any test session. Id. at 15. Appellant’s arguments are persuasive of reversible Examiner error. As argued by Appellant, Pyathoskiy generates pre-calculated encryption data (PCCD), i.e., sets of values/keys, prior to establishing any secure connections. Appeal Br. 14. According to the reference, “[a] simulated secure connection . . . may be opened using a selected PCCD set from the one or more PCCD sets without performing decryption processing.” Pyatkovskiy, Abstract (emphasis added). In contrast, we find inadequate evidence to support the Examiner’s position that it would have been obvious to reuse the Pyathoskiy’s private key from a first PCCD set of values/keys (i.e., the claimed private key associated with the first IPsec test session) with a public key from a second PCCD set of values/keys (i.e., the claimed second DUT public key generated after establishment of the first IPsec session). In particular, the Examiner’s reasoning for making the substitution “because the only other available options are to either: (1) utilize a new private key; or (2) refrain from utilizing a private key” (Advisory Act. 2), fails to address why, when Pyatkovskiy teaches pre-calculated sets of values/keys and use of a selected set to simulate a secure connection, one would instead mix and match values/keys from two different PCCD sets. Because we agree with at least one of the arguments advanced by Appellant, we need not reach the merits of Appellant’s other arguments. Appeal 2019-005301 Application 14/014,315 8 Accordingly, we do not sustain the rejection of independent claims 1, 12, and 23, each of which recite the argued limitation. Nor do we sustain the rejection of dependent claims 2–10 and 13–21, which stand with their respective base claims. CONCLUSION We reverse the Examiner’s decision to reject claims 1–10, 12–21, and 23 under 35 U.S.C. § 103. DECISION SUMMARY Claim(s) Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1–10, 12– 21, 23 103 Pyatkovskiy, Mukherjee, Hellman 1–10, 12– 21, 23 REVERSED