UNITED STATES PATENT AND TRADEMARK OFFICE
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`APPLE INC.,
`Petitioner,
`v.
`UNIVERSAL SECURE REGISTRY LLC,
`Patent Owner.
`_________________________________________
`Case CBM2018-00024
`U.S. Patent No. 8,577,813
`________________________________________
`
`DECLARATION OF ARI JUELS
`
`Apple 1226
`Apple v. USR
`CBM2018-00024
`
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`APPLE INC.,
`Petitioner,
`v.
`UNIVERSAL SECURE REGISTRY LLC,
`Patent Owner.
`_________________________________________
`Case CBM2018-00024
`U.S. Patent No. 8,577,813
`________________________________________
`
`DECLARATION OF ARI JUELS
`
`Apple 1226
`Apple v. USR
`CBM2018-00024
`
`
`
`Contents
`
`I. QUALIFICATIONS ........................................................................................... 1
`II. LEGAL PRINCIPLES ........................................................................................ 3
`A. Claim Construction ........................................................................................ 3
`B. Anticipation ................................................................................................... 4
`C. Obviousness ................................................................................................... 5
`D. Person of Ordinary Skill In The Art .............................................................. 9
`III. THE ’585 REFERENCE ................................................................................ 10
`A. Overview ..................................................................................................... 10
`B. The ’585 Reference Is Not Limited To One-Way Functions ...................... 17
`C. The ’585 Reference Discloses The Claimed Seed ...................................... 19
`IV. AVAILABILITY FOR CROSS-EXAMINATION ....................................... 23
`V. RIGHT TO SUPPLEMENT ............................................................................. 24
`VI.
`JURAT ............................................................................................................ 25
`
`
`
`
`i
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`
`I, Ari Juels, declare as follows:
`1.
`I have been retained by Apple Inc. (“Petitioner”) in connection with
`
`the above-captioned inter partes review proceeding.
`
`2.
`
`I am a named inventor of the International Patent Application
`
`Publication No. WO 2004/051585 (the “’585 reference,” which is also referred to
`
`elsewhere in this proceeding as the “Jakobsson” reference). I submit this
`
`Declaration to respond to the statements and opinions provided by Markus
`
`Jakobsson, my co-inventor on the ’585 reference and Patent Owner’s expert
`
`witness. In my opinion, Dr. Jakobsson has again grossly mischaracterized the ’585
`
`reference and interprets its teachings in a way that is inconsistent with the purpose,
`
`spirit, and words of the ’585 reference. In addition, his testimony includes
`
`numerous misleading and/or technically incorrect statements that I rebut in the
`
`following paragraphs.
`
`3.
`
`I am being compensated at my normal consulting rate for my work.
`
`My compensation is not dependent on the outcome of this proceeding or the related
`
`litigation, and does not affect the substance of my statements in this Declaration. I
`
`have no financial interest in Petitioner or the ’813 patent.
`
`I.
`
`QUALIFICATIONS
`4. My qualifications are detailed in my curriculum vitae, which is
`
`attached hereto as Appendix A. It includes my academic background, employment
`
`1
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`history, professional experience, and a list of patents and publications for which I
`
`am an inventor and/or author.
`
`5.
`
`I am a full professor at the Jacobs Technion-Cornell Institute at
`
`Cornell Tech, with an associated faculty appointment at Cornell University. I have
`
`been on the faculty at Cornell Tech and regularly taught master’s and Ph.D.-level
`
`courses since 2014. I am also a Co-Director of the Initiative for CryptoCurrencies
`
`and Contracts (IC3). I served previously as Chief Scientist at RSA, where I
`
`worked for over sixteen years. I received my Ph.D. in computer science from the
`
`University of California at Berkeley in 1996.
`
`6.
`
`I hold over 120 issued patents, and have published over 100 scholarly
`
`works in peer-reviewed venues. According to Google Scholar, my work has
`
`received over 30,000 citations; four of my papers are among the top hundred most
`
`cited in security. My notable awards over the past ten years include a 2nd-place
`
`prize at the EMC Innovation Showcase in 2011, NYU-Poly Applied Security paper
`
`awards (3rd and 2nd) in 2012 and 2013, my winning the Cisco Internet of Things
`
`Security Grand Challenge in 2014, a Google Faculty Research Award in 2015, an
`
`IBM Faculty Research Award in 2016, Distinguished Student Paper Awards in
`
`2015 and 2016 from IEEE S&P (a top-four international security conference), a
`
`faculty teaching award at Cornell Tech in 2018, and a test-of-time award in 2019
`
`2
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`from NDSS (a top-four international security conference, where I also gave the
`
`keynote talk in 2018).
`
`7.
`
`In preparing this Declaration, I have reviewed the following materials:
`
`• Petition (Paper 3) and the exhibits cited therein
`• U.S. Patent No. 8,577,813 (Ex-1101)
`• Patent Owner’s Preliminary Response (Paper 7) and the exhibits cited
`therein
`• Declaration of Markus Jakobsson In Support Of Patent Owner’s Preliminary
`Response (Ex-2001) and the exhibits cited therein
`• Patent Owner’s Response (Paper 20) and the exhibits cited therein
`• International Patent Application Publication No. WO 2004/051585 (the
`“’585 reference”) (Ex-1214)
`• Declaration of Markus Jakobsson In Support Of Patent Owner Response
`(Ex-2013) and the exhibits cited therein
`• Transcript of April 24, 2019 deposition of Markus Jakobsson (Ex-XXXX,
`Jakobsson-Dep.)
`II. LEGAL PRINCIPLES
`8.
`I am not an attorney. For purposes of this Declaration, I have been
`
`informed about certain aspects of the law that may be relevant to my analysis and
`
`opinions.
`
`A. Claim Construction
`9.
`I have been informed that claim construction is a matter of law and
`
`that the final claim construction will ultimately be determined by the Board.
`
`3
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`I have been informed that the claim terms for this IPR review should
`
`10.
`
`be given their broadest reasonable construction in light of the specification as
`
`commonly understood by a person of ordinary skill in the art (“POSITA”). I have
`
`applied this standard in my analysis. I have been informed that the broadest
`
`reasonable interpretation must be consistent with the ordinary and customary
`
`meaning of the term (unless the term has been given a special definition in the
`
`specification). I have also been informed and understand that the broadest
`
`reasonable interpretation must be consistent with the use of the claim term in the
`
`specification and drawings and must be consistent with the interpretation that those
`
`skilled in the art would reach.
`
`11.
`
`I have been informed and understand that under a broadest reasonable
`
`interpretation, words of the claim must be given their plain meaning, unless such
`
`meaning is inconsistent with the specification. The plain meaning of a term means
`
`the ordinary and customary meaning given to the term by those of ordinary skill in
`
`the art at the time of the invention.
`
`B. Anticipation
`12.
`I have been informed and understand that a patent claim is invalid as
`
`“anticipated” if each element of that claim is present either explicitly or inherently
`
`in a single prior art reference.
`
`4
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`I have been informed that, under the principle of inherency, a prior art
`
`13.
`
`reference may anticipate a claimed invention even if the reference does not
`
`expressly disclose every limitation of the later invention, so long as any limitation
`
`not expressly disclosed is necessarily present in the reference. I have also been
`
`informed that to be an inherent disclosure, the limitation must necessarily be
`
`contained in the prior art reference and the mere fact that the method or system
`
`described in the reference might possibly (or sometimes) practice or contain a
`
`claimed limitation is insufficient to establish that the reference inherently teaches
`
`the limitation.
`
`14.
`
`I have been informed that material not explicitly contained in a single,
`
`prior art document may still be considered for purposes of anticipation if that
`
`material is incorporated by reference into the prior art document.
`
`15.
`
`I have also been informed and understand that a prior art reference is
`
`considered enabling when the reference permits a POSITA to make and use the
`
`disclosed technology without having to conduct undue experimentation. However,
`
`some amount of experimentation to make and use the invention is allowable.
`
`C. Obviousness
`16.
`I have been informed and understand that a patent claim can be
`
`considered to have been obvious to a POSITA at the time the application was filed.
`
`This means that, even if all the requirements of a claim are not found in a single
`
`5
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`prior art reference, the claim is not patentable if the differences between the subject
`
`matter in the prior art and the subject matter in the claim would have been obvious
`
`to a POSITA at the time the application was filed.
`
`17.
`
`I have been informed and understand that a determination of whether
`
`a claim would have been obvious should be based upon several factors, including,
`
`among others:
`
`• the level of ordinary skill in the art at the time the application was
`
`filed;
`• the scope and content of the prior art; and
`• what differences, if any, existed between the claimed invention and
`
`the prior art.
`
`18.
`
`I have been informed and understand that the teachings of two or
`
`more references may be combined in the same way as disclosed in the claims, if
`
`such a combination would have been obvious to a POSITA. In determining
`
`whether a combination based on either a single reference or multiple references
`
`would have been obvious, it is appropriate to consider, among other factors:
`
`• whether the teachings of the prior art references disclose known
`
`concepts combined in familiar ways, and when combined, would yield
`
`predictable results;
`
`6
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`• whether a POSITA could implement a predictable variation, and
`
`would see the benefit of doing so;
`• whether the claimed elements represent one of a limited number of
`
`known design choices, and would have a reasonable expectation of
`
`success by those skilled in the art;
`• whether a POSITA would have recognized a reason to combine
`
`known elements in the manner described in the claim;
`• whether there is some teaching or suggestion in the prior art to make
`
`the modification or combination of elements claimed in the patent;
`
`and
`• whether the innovation applies a known technique that had been used
`
`to improve a similar device or method in a similar way.
`
`19.
`
`I have been informed and understand that a POSITA has ordinary
`
`creativity, and is not an automaton.
`
`20.
`
`I have been informed and understand that in considering obviousness,
`
`it is important not to determine obviousness using the benefit of hindsight derived
`
`from the patent being considered.
`
`21.
`
`I have been informed and understand that certain factors may support
`
`or rebut the obviousness of a claim. I understand that such secondary
`
`considerations include, among other things, commercial success of the patented
`
`7
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`invention, skepticism of those having ordinary skill in the art at the time of
`
`invention, unexpected results of the invention, any long-felt but unsolved need in
`
`the art that was satisfied by the alleged invention, the failure of others to make the
`
`alleged invention, praise of the alleged invention by those having ordinary skill in
`
`the art, and copying of the alleged invention by others in the field. I understand
`
`that there must be a nexus, that is, a connection, between any such secondary
`
`considerations and the alleged invention. I also understand that contemporaneous
`
`and independent invention by others is a secondary consideration tending to show
`
`obviousness.
`
`22.
`
`I have been informed and understand that a claim would have been
`
`obvious if it unites old elements with no change to their respective functions, or
`
`alters prior art by mere substitution of one element for another known in the field,
`
`and that combination yields predictable results. Also, I understand that
`
`obviousness does not require physical combination/bodily incorporation, but rather
`
`consideration of what the combined teachings would have suggested to persons of
`
`ordinary skill in the art at the time of the alleged invention.
`
`23.
`
`I have been informed and understand that while it may be helpful to
`
`identify a reason for this combination, there is no rigid requirement of finding an
`
`express teaching, suggestion, or motivation to combine within the references.
`
`When a product is available, design incentives and other market forces can prompt
`
`8
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`variations of it, either in the same field or a different one. If a person of ordinary
`
`skill in the art can implement a predictable variation, obviousness likely bars its
`
`patentability. For the same reason, if a technique has been used to improve one
`
`device and a person of ordinary skill in the art would recognize that it would
`
`improve similar devices in the same way, using the technique would have been
`
`obvious. I understand that a claim would have been obvious if a person of
`
`ordinary skill in the art would have had reason to combine multiple prior art
`
`references or add missing features to reproduce the alleged invention recited in the
`
`claims.
`
`D.
`24.
`
`Person of Ordinary Skill In The Art
`I have been informed that a POSITA is a hypothetical person to whom
`
`an expert in the relevant field could assign a routine task with reasonable
`
`confidence that the task would be successfully carried out. I understand that the
`
`level of ordinary skill may be reflected by the prior art of record, and that a person
`
`of ordinary skill in the art to which the claimed subject matter pertains would have
`
`the capability of understanding the scientific and engineering principles applicable
`
`to the pertinent art. I understand that one of ordinary skill in the art has ordinary
`
`creativity, and is not an automaton robot.
`
`25.
`
`I understand there are multiple factors relevant to determining the
`
`level of ordinary skill in the art, including: (1) the levels of education and
`
`9
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`experience of persons working in the field at the time of the invention; (2) the
`
`sophistication of the technology; (3) the types of problems encountered in the field;
`
`and (4) the prior art solutions to those problems
`
`26. At the time the ’813 patent was effectively filed, a POSITA would
`
`have had a Bachelor’s Degree in electrical engineering, computer science, or a
`
`related scientific field. A POSITA would also have approximately two years of
`
`work experience in the computer science field or a related scientific field such as
`
`operating systems, database management, encryption, security algorithms, and
`
`secure transaction systems. However, additional education could substitute for less
`
`work experience and vice versa.
`
`27. Based on my experience, I have an understanding of the capabilities
`
`of a person of ordinary skill in the relevant field. I have supervised and directed
`
`many such persons over the course of my career. Further, I had at least those
`
`capabilities myself at the time the patent was filed.
`
`III. THE ’585 REFERENCE
`A. Overview
`28.
`I am a named inventor of the ’585 reference.
`
`29. The ’585 reference is titled “Identity Authentication System and
`
`Method,” and discloses a variety of systems and methods for authenticating a user
`
`for a variety of applications. Specifically, it describes means by which what are
`
`10
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`referred to as event states may be transmitted to a receiver through embedding in
`
`authentication codes. Event states, which is information about the state of the
`
`device associated with the occurrence or non-occurrence of an event, are, broadly
`
`speaking, data that usefully informs the process of authenticating users. They can
`
`include anything from reports on token tampering to biometric authentication
`
`results. The benefit of embedding event states in authentication codes is that the
`
`event states can provide context for these codes and/or supplement them with
`
`additional authentication information that can lead to higher-fidelity user
`
`authentication. In the exemplary embodiment disclosed in Figure 1, the ’585
`
`reference discloses a user 110 using user authentication device 120 can
`
`communicate with a verifier 105.
`
`Ex-1214, ’585 reference, Fig. 1.
`
`
`
`11
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`30. The ’585 reference discloses that the user can be authenticated at the
`
`user authentication device 120 (i.e., a “local authentication”). See Ex-1214, ’585
`
`reference, [0059] (“a first authentication of user 110 is performed by the user
`
`authentication device 120 based on information supplied to the authentication
`
`device 120 by the user 110”). This local authentication is usually performed by
`
`comparing a value received from the user with a value stored by the user
`
`authentication device 120. These values can comprise PINs, passwords, or
`
`biometric information. Id. (“the information supplied by the user may be a PIN, a
`
`password or biometric information”).
`
`31. The ’585 reference also discloses various methods for authenticating
`
`the user with the verifier 105 (i.e., a “remote authentication”). These methods
`
`generally involve generating an authentication code using the user authentication
`
`device 120 that is sent to the verifier. The verifier validates the authentication code
`
`generated by the user authentication device 120 to authenticate the user 110. As
`
`illustrated in Figure 2, the ’585 reference discloses that the user authentication
`
`device 120 uses a number of different algorithms performed by the combination
`
`function 230 to generate an authentication code.
`
`12
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`
`Ex-1214, ’585 reference, Fig. 2.
`
`
`
`32. As shown in Figure 2, the combination function combines various
`
`inputs to generate an authentication code. Ex-1214, ’585 reference, [0060]
`
`(“various values are combined by a combination function 230 to generate an
`
`authentication code”). These values include “device secret (K) associated with the
`
`user authentication device 120, a dynamic, time-varying value (T) generated by the
`
`user authentication device 120, and an event state (E) representing the occurrence
`
`of one or more events.” Id. The user authentication device 120 can also use
`
`various forms of user data called “User Data (P)” as an input to the combination
`
`function 230. Id., [0072] (“User data (P) can also be provided as input to the
`
`combination function 230.”). User Data (P) includes PINs, passwords, and
`
`biometric information. Id. (“The user data (P) is a unit of information such as an
`
`alphanumeric character string, or a strictly numerical value, for example a personal
`
`identification number (PIN) or password. In one embodiment, the user data (P) is
`
`13
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`information uniquely associated with the user 110. The user data (P) can also be
`
`obtained by biometric measurement or observation.”).
`
`33. The combination function 230 combines input values using a variety
`
`of algorithms. For example, the combination function 230 can generate an
`
`authentication code by arithmetically adding inputs. Ex-1214, ’585 reference,
`
`[0058] (“user authentication device 120 generates an authentication code by
`
`arithmetically combining a secret stored by the user authentication device 120 and
`
`a user-supplied PIN”). In some embodiments, the combination function can use a
`
`one-way function1 to combine the input values. Id., [0071] (“For example, in one
`
`simplistic embodiment, a one-way function such as a hash function, is applied to
`
`the values (K, T, E), and the result truncated to the right length, in order to arrive at
`
`a resulting authentication code.”). In still other embodiments, the combination
`
`function can generate an authentication code by “prepending or appending” inputs,
`
`or combining inputs “using a block cipher or other one-way function, or other
`
`algorithm, or a combination of these and other techniques that combine two or
`
`
`1 As the ’585 reference explains, a one-way function is “a mathematical function
`
`that maps a universe of input values to a universe of output values in such a way
`
`that knowledge of the output of the function does not allow one to reconstruct the
`
`input provided.” Ex-1214, ’585 reference, [0071].
`
`14
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`more input values together.” Id., [0073], [0093]. Prepending or appending can
`
`consist of concatenating bits that represent each of the various inputs together such
`
`that the end of a string of bits that represents one input is adjacent to the beginning
`
`of a string of bits that represents a second input.
`
`34. Once the authentication code is generated, it is generally transmitted
`
`to the verifier 105 to conduct a remote authentication. This remote authentication
`
`can also occur in multiple ways. In one embodiment, “the verifier 105 performs an
`
`algorithmic calculation on a received authentication code that ‘reverses’ some or
`
`all of an algorithmic calculation performed by the user authentication device 120.”
`
`Ex-1214, ’585 reference, [0058]. In this example, the “verifier 105 compares the
`
`result … to the value of the secret stored on the user's authentication device 120, or
`
`to the value that should have been generated at that time by the device 120. . . . If
`
`they match, the user is authenticated. If they do not match, user authentication
`
`fails.” Id.
`
`35. The remote authentication can also be conducted in other ways. In
`
`one example, the authentication code is encrypted by the user authentication device
`
`and decrypted by the verifier 105. Id. (“In some embodiments the verifier 105
`
`decrypts a value encrypted by the user authentication device 120 using symmetric
`
`key encryption or asymmetric encryption techniques, such as public key
`
`encryption.”). In some examples, the verifier 105 calculates a series of
`
`15
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`authentication codes depending on the possible authentication codes generated by
`
`the user authentication device 120. Id. (“In some embodiments, the verifier 105
`
`also calculates the authentication code with an input that indicates whether one or
`
`more events have occurred.”); id., [0050] (“In some embodiments, the verifier can
`
`determine authentication codes for a number of possible events and event states
`
`such that a number of authentication codes that can successfully authenticate the
`
`user 110 are possible.”). In this example, the verifier 105 “compares the
`
`authentication information received over communications channel 170 and the
`
`authentication information generated by the verifier 105 to determine whether any
`
`match.” Ex-1214, ’585 reference, [0050]; see also id. (“In further embodiments,
`
`where a plurality of authentication codes that can successfully verify the user 110
`
`are possible, the verifier 105 first determines an expected authentication code for
`
`an expected event state, and if the verifier receives a different authentication code,
`
`determines and compares authentication codes for other possible event states
`
`before indicating whether the authentication device has been successfully
`
`verified.”).
`
`36. Following a remote authentication attempt, the verifier “can
`
`communicate positive or negative acknowledgement . . . to the device 120 or
`
`directly to the user” to indicate a successful or failed authentication attempt. Ex-
`
`1214, ’585 reference at [0050].
`
`16
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`B.
`The ’585 Reference Is Not Limited To One-Way Functions
`37. Dr. Jakobsson testified that the ’585 reference stands in “direct
`
`contrast” to a system that uses encryption and decryption to protect user
`
`information and insists that “there is no decryption” in the ’585 reference. Ex-
`
`2011, Jakobsson-Decl., ¶82. I disagree. This testimony is simply not credible
`
`because the ’585 reference repeatedly discloses that encryption and decryption are
`
`used in connection with creating and verifying authentication codes. Ex-1214,
`
`’585 reference, [0058], [0072].
`
`38. Dr. Jakobsson also testified that the ’585 reference “utilizes a one-way
`
`function for user protection,” but as discussed above, the ’585 reference discloses
`
`many examples of authentication techniques and a number of algorithms that can
`
`be used by the combination function 230 to generate an authentication code. The
`
`’585 reference does not require the use of one-way functions to create an
`
`authentication code and discloses examples that do not use one-way functions. For
`
`example, in [0058], the ’585 reference discloses that the user authentication device
`
`120 generates an authentication code by arithmetically combining a secret stored
`
`by the user authentication device 120 and a user-supplied PIN. When the verifier
`
`receives the authentication code described in [0058], the verifier decrypts the
`
`authentication code and then compares the result of the decryption with a stored
`
`secret to authenticate it. This example uses an encrypt-decrypt model where an
`
`17
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`authentication code is created, encrypted, sent to the verifier, decrypted and then
`
`verified (i.e., an “encrypt and decrypt” model). It does not involve any hash
`
`function or any other one-way functions. In contrast to the encrypt and decrypt
`
`model described in [0058], other examples in the ’585 reference disclose using a
`
`hash function to create an authentication code. These examples are different from
`
`the encrypt and decrypt model because an authentication code is created, processed
`
`using a hash function, and transmitted to the verifier, which creates its own
`
`authentication code. The verifier processes the authentication code it created using
`
`a hash function, and then compares the two hashed authentication codes to
`
`authenticate the user (i.e., a “hash and compare” model).
`
`39.
`
`In other examples, the ’585 reference discloses the use of asymmetric
`
`encryption techniques to authenticate the user. Ex-1214, ’585 reference, [0058]
`
`(“In some embodiments the verifier 105 decrypts a value encrypted by the user
`
`authentication device 120 using symmetric key encryption or asymmetric
`
`encryption techniques, such as public key encryption.”). A POSITA would have
`
`understood that the use of asymmetric encryption would obviate the need for use of
`
`one-way functions in the combination function. Use of a one-way function in a
`
`combination function serves to incorporate event states into a token emission in a
`
`cryptographically concealed form. Asymmetric encryption also accomplishes this
`
`goal. In fact, it provides stronger security than a one-way function, in the sense
`
`18
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`that it can achieve forward security, meaning that an adversary that compromises a
`
`token and learns its stored keys cannot determine the plaintext associated with an
`
`asymmetric ciphertext. In contrast, such an adversary can extract low-entropy data
`
`input to a one-way function, and indeed, in a setting where a one-way function
`
`alone is used, the adversary possesses knowledge equivalent to that of the verifier.
`
`A POSITA would therefore prefer use of asymmetric encryption where feasible.
`
`Asymmetric ciphertexts are longer than typical passcodes, and thus feasible only
`
`where wireless transmission of token data is supported. This is an option that the
`
`‘585 reference explicitly teaches as a possible embodiment.
`
`40. The ’585 reference never specifies that one-way functions are critical
`
`to the disclosure of the reference because one-way functions are not required, but
`
`are instead exemplary techniques (as are the prepending, appending, and
`
`asymmetric encryption techniques).
`
`C. The ’585 Reference Discloses The Claimed Seed
`41. Dr. Jakobsson testified that “it makes no sense to call authentication
`
`code 290” a seed because “[t]here is no other use of this value – ever.” Ex-2011,
`
`Jakobsson-Decl., ¶¶98-100 (“it makes no sense to call authentication code 290, i.e.,
`
`the output of Jakobsson’s combination function, a seed. Indeed, the Petition uses
`
`this output of the combination function only as an input to another application of
`
`the same combination function.”). I disagree.
`
`19
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`42. The term “seed” denotes in the literature on cryptography a secret
`
`value that is provided as input to a cryptographic operation, such as a pseudo-
`
`random function, whose goal is to generate unpredictable outputs. Consistent with
`
`this definition, the term may also refer to a secret value used generate the codes
`
`produced by an authentication device, such as RSA SecurID. The ’813 patent
`
`specification uses the term “seed” in this sense.
`
`43. The ’813 patent specification includes only two paragraphs that use
`
`the term “seed” and they describe a construct whereby a seed is a combination of
`
`input values that are used to create an authentication code. See Ex-1201, ’813
`
`patent, 46:46-67 (“any two of the PIN, the biometric information, the electronic
`
`serial number, a discrete code associated with the device and the identifying
`
`information concerning the selected account are employed to generate a seed from
`
`which further authentication information is generated, for example, to generate a
`
`seed from which a non-predictable value can be generated by the user device 352.
`
`…In accordance with another embodiment, all four of the PIN, the biometric
`
`information, the electronic serial number and the identifying information
`
`concerning the selected account are employed to generate the seed.”) (emphases
`
`added).
`
`44.
`
`It is my opinion that the ʼ585 patent specification teaches the
`
`generation of a value that corresponds to a seed as disclosed in the ’813 patent
`
`20
`
`
`
`U.S. Patent No. 8,577,813
`Declaration in Support of Petitioner’s Reply
`specification. For example, [0073] of the ’585 patent specification discloses
`
`authentication code generation in a manner that is multi-stage or recursive. Ex-
`
`1214, ’585 reference, [0073] (“In one particular embodiment, the user
`
`authentication device 120 first combines (K, T, E) to generate an authentication
`
`code A (K, T, E) 291 as described above. The combination function 230 then
`
`combines the generated authentication code 291 with the PIN (P) to generate an
`
`authentication code 292 that is a function of (K, T, E, P).”). Additionally, it
`
`explicitly notes that generation can involve use of these values in any order. Ex-
`
`1214, ’585 reference, [0073] (“The combination function 230 can combine these
`
`values (K, T, E, P) in any order (and with other values not mentioned) to generate
`
`the authentication code 292.”).
`
`45. Consequently, the ’585 patent specification teachings include, for
`
`example, a computation in which a first authentication code is generated by
`
`combining K, E, and P and said first authentication code is then combined by the
`
`combination function 230 with T to generate a second authentication code 292 that
`
`is subsequently transmitted to the verifier. In such an embodiment, the first
`
`authentication code is consistent with a seed that includes “any two o
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
