IN THE UNITED STATES PATENT AND TRADEMARK OFFICE

In re Patent of: Asghari-Kamrani, et al.
U.S. Patent No.: 8,266,432
Attorney Docket No.: 36137-0007IP1
Issue Date: September 11, 2012
Appl. Serial No.: 12/210,926
Filing Date: September 15, 2008
Title: CENTRALIZED IDENTIFICATION AND AUTHENTICATION SYSTEM AND METHOD

DECLARATION OF SETH NIELSON

I. Personal Work Experience and Awards

1. My name is Seth Nielson, Adjunct Associate Research Scientist at The Johns Hopkins University. I am also currently a Principal at Harbor Labs, Inc., an independent consulting firm. In addition to the below summary, a copy of my current curriculum vitae more fully setting forth my experience and qualifications is submitted herewith as Appendix A.

2. I have more than 15 years of dual industrial and academic experience in Computer Science. I received a B.S. in Computer Science in 2000 and my M.S. in Computer Science in 2004, both from Brigham Young University in Provo, UT. I received my Ph.D. in Computer Science in 2009 from Rice University in Houston, TX. My doctoral dissertation concerned “Designing Incentives for Peer-to-Peer Systems.” I am the recipient of the Brown Fellowship and a Graduate Fellowship from the Rice University Computer Science Department. I was also a John and Eileen Tietze Fellow.

Page 1 of 77

USAA 1003
3. During my final undergraduate semester, I worked both as a teaching assistant for the Computer Networking course and as a researcher in the Networked Computing Lab. In these capacities, I assisted students in debugging and designing their TCP/IP protocol stacks, ARP protocol implementations, and RPC projects. I also collaborated in investigating statistical traffic engineering for bandwidth allocation, which culminated in a published paper entitled “Effective Bandwidth for Traffic Engineering.”

4. Effective bandwidth relates to the concept of bandwidth reservation for quality of service guarantees. On data connections designed to carry large quantities of data for many users, some users may pay extra to guarantee a certain quality of service. Nevertheless, given enough users, at any given time some percentage of users with guarantees will not be utilizing their full capacity. Effective bandwidth is a statistical model that dictates how many users can be guaranteed service under these conditions.

5. During my graduate work I have also published additional papers related to networking and computer security. In 2005, I published a paper entitled “A Taxonomy of Rational Attacks.” This paper categorized and described the various types of attacks that one might see in a decentralized, peer-to-peer (p2p) network. When there is no centralized authority, users have to cooperate to obtain service. Rational attacks refer to the economic incentives to not cooperate while still exploiting the system for service.

6. My thesis, “Designing Incentives for Peer-to-Peer Systems,” built on this concept. Given a network where participants cannot be forced to cooperate, the operation of said network must induce cooperation by design of the outcomes. In other words, it must be in each participant’s best interest to contribute to the cooperative operation. Experiments included simulated extensions to the BitTorrent peer-to-peer protocol for long-term identities and mechanisms for cooperative anonymity. I constructed my own simulator of the BitTorrent protocol, and simulated thousands of hours of operations. For further accuracy and realism, I cooperated with researchers at other universities that provided me with real data traces of BitTorrent users that used long-term identifiers such as a login name.
7. From 2001 through 2003, I worked as a software engineer at Metrowerks (formerly Lineo, Inc.). There I gained substantial experience in software architecture, computer networking, and technical project management. In particular, I developed and maintained the GUI for the Embedix SDK, ported the Linux GUI of the Embedix SDK to Windows, created an automated system to forward Linux Python scripts to a Windows GUI, and developed a packaging and automated updating system for client software.

8. During the 2004 fall semester of my Ph.D. program at Rice University, I identified a security vulnerability in the Google Desktop Search that could have allowed hackers to compromise users’ computers and obtain private information. After contacting Google and assisting them in closing the vulnerability, we published the details of our investigation.

9. Later, in 2005, I completed an internship at Google, where I designed and implemented a solution to privacy loss in Google Web Accelerator. The Google Web Accelerator was designed to increase the speed of browsing the Internet. Once installed on a user’s computer, the browser would request all content through a Google Proxy. The proxy performed pre-fetching and extensive caching in order to provide fast and responsive service to the user. At the time of my internship, news reports had identified odd problems in which users of the Accelerator were accessing other individuals’ private pages. During my internship, I designed and implemented a prototype solution for this issue.
10. From 2005 through 2011, I worked as a Security Analyst and later a Senior Security Analyst for Independent Security Evaluators. There, I developed a parallel-processing based security tool, developed a FIPS-certified encryption library, developed hardware-accelerated encryption algorithms, developed encrypted file-system prototypes, developed an encryption library for an ISE client, performed port-scanning analyses, evaluated security protocols using formal methods and hand analysis, and evaluated security failures. I also designed and managed the implementation of a secure communication technology that splits trust between multiple SSL Certificate Authorities (CA), so that if one CA is compromised, the communication stream can still be safely authenticated. My work on the secure communications technology project led to the issuance of multiple patents including U.S. 8,745,372 entitled “Systems and Methods for Securing Data in Motion.”

11. In 2011, I began work as a Research Scientist at Harbor Labs. I am now a Principal, specializing in network security, network communications, software architecture, and programming languages. I have analyzed an extensive collection of commercial software, including software related to secure email, cloud-based multimedia delivery, document signing, anti-virus and anti-intrusion, high-performance routing, networking protocol stacks in mobile devices, PBX telecommunications software, VoIP, and peer-to-peer communications. I have also analyzed security considerations for potential technology acquisitions, re-created heuristic signatures for 1995-era viruses, and re-created a 1995-era network for testing virus scanners of that time period in gateway virus scanning. I, and teams under my direction, also review technologies for compliance with various standards such as HIPAA and also for security vulnerabilities.
12. In particular, I have reviewed and analyzed the design and implementation of multiple security-related gateway products. This includes industrial-grade firewalls that employ anti-virus and anti-malware engines for processing network traffic. I have also reviewed other gateway products that provide secure storage to cloud devices.

13. I have also assessed the security and privacy technologies and policies provided by a third-party vendor to the Center for Copyright Infringement (CCI). CCI represents content owners, such as the RIAA and the MPAA, in finding and reducing piracy online. Because this process necessarily involves collecting information about private individuals, I was asked to investigate and determine that the information collected from online computing devices was adequately safeguarded and protected.

14. I am currently engaged as the Principal consultant with a large biomedical device firm in a one-year analysis of the security of their products. In particular, medical devices were for some time not considered significant threats in terms of computer security. However, recent demonstrations by security researchers of the various ways in which a malicious individual might harm a person hooked up to a medical device have shifted the thinking in the industry. Accordingly, Harbor Labs has been engaged to assist this company in the analysis of their products, their process, and their future roadmap in order to ensure that patients are not harmed. This evaluation, under my direction, is analyzing design documents, hardware, and a broad range of additional resources in order to expose as many potential problems as possible for remediation. The security of these systems depends, in part, on the architecture and deployment of the networks in which they operate.
15. In 2014 I received an appointment as a Lecturer at Johns Hopkins University and in 2015 I advanced to an Adjunct Associate Research Scientist. My responsibilities at Hopkins include teaching classes, mentoring students, and conducting research. More specifically, I currently teach the Network Security course, for which I created the curriculum from scratch. As part of this curriculum, I designed a novel experimentation framework for allowing students to both build and attack security protocols. The course covered topics ranging from cryptography and access controls to network architecture and user psychology.

16. One of the components of the students’ lab work is to create a protected sandbox for running untrusted code. The sandbox must provide access to the system in a manner that cannot be exploited. Conversely, the other half of their assignment is to design exploitative code that attempts to bypass and/or neutralize the protections of the sandbox environment. This experimental framework enables the students to learn about creating, identifying, and neutralizing malware such as viruses.

17. In addition to my course instruction, I also mentor Masters students at Johns Hopkins in their capstone projects. These projects include networking security and privacy concerns across a wide range of technologies including iOS security, Bitcoin, SSL vulnerabilities, and Twitter botnets. These are all contemporary issues in practical computer security.
18. One group of students and I, for example, investigated the known Heartbleed vulnerability in certain versions of OpenSSL. Under my direction, the students created a vulnerable server to test. Once they were able to re-create the known vulnerability, they explored other ways of testing and finding vulnerabilities of the same sort using, for example, fuzzing.

19. Another student performed an analysis on “bots” in social media such as Twitter. Twitter relies on advertising to make money as the individual users are not charged for their accounts. This advertising process is based, in part, on identifying “influential” individuals (i.e., individuals with a large number of friends). Unfortunately, “bots” are computer programs that can act like a real person on social media sites. Individuals will sell buyers an arbitrary number of “friends” that are, in fact, just bots. My student and I created an approach for mapping out these so-called “botnets” in a novel way that may be useful in deterring such botnets. We are currently working on a draft of this research to be submitted for publication.

20. Based on my technical education, and my years of professional experience as an engineer and research scientist, I have specialized knowledge in the field of computer security, network security, network communications, cryptography, and software architecture.

21. I first served as an expert witness at the request of RMail in 2012. Since that time, I have been hired by numerous law firms to provide them and their clients with expert consultation and expert testimony, often in the areas of patent infringement litigation related to Computer Science.

22. Based on my above-described 15 years of dual industrial and academic experience in Computer Science, I believe that I am considered to be an expert in the field of computer science generally, and more specifically in the fields of IT security and authentication.
II. Materials Considered

23. In writing this Declaration, I have considered the following: my own knowledge and experience, including my work experience in the fields of computer science and IT security and authentication; my industry experience with those subjects; and my experience in working with others involved in those fields. I have also analyzed the following publications and materials, in addition to other materials I cite in my declaration:

- U.S. Patent No. 8,266,432 and its accompanying prosecution history (“the ‘432 Patent”, Ex. 1001)
- U.S. Patent No. 5,740,361 (“Brown”, Ex. 1010)
- RFC 2560, Network Working Group (June 1999) (“Myers”, Ex. 1011)
- ISI Research Report, ISI/RS-94-399 (“Neuman”, Ex. 1012)

24. Although for the sake of brevity this Declaration refers to selected portions of the cited references, it should be understood that one of ordinary skill in the art would view the references cited herein in their entirety, and in combination with other references cited herein or cited within the references themselves. The references used in this Declaration, therefore, should be viewed as being incorporated herein in their entirety.

25. I am not currently and have not at any time in the past been an employee of United Services Automobile Association, Inc. (“USAA”). I have been engaged in the present matter to provide my independent analysis of the issues raised in the petition for post-grant review of the ‘432 patent. I received no compensation for this declaration beyond my normal hourly compensation based on my time actually spent studying the matter, and I will not receive any added compensation based on the outcome of this post-grant review of the ‘432 patent.
III. Person of Ordinary Skill in the Art

26. I am familiar with the content of the ‘432 patent, which, I have been informed by counsel, has an earliest possible filing date of August 29, 2001. Additionally, I have reviewed the other references cited above in this declaration. Counsel has informed me that I should consider these materials through the lens of one of ordinary skill in the art related to the ‘432 patent at the time of the invention. I believe that a person having ordinary skill in the art at the effective filing date of the ‘432 Patent (“POSITA”) would have had a Bachelor of Science Degree in Electrical Engineering, Computer Engineering, or Computer Science with related work experience. Individuals with additional education or additional industrial experience could still be of ordinary skill in the art if that additional aspect compensates for a deficit in one of the other aspects of the requirements stated above. I base my evaluation of a person of ordinary skill in this art on my own personal experience, including my knowledge of students, colleagues, and related professionals at the time of interest.

IV. Overview of the ‘432 Patent

27. The ‘432 Patent claims and describes systems and methods relating to financial activity; specifically for processing user financial information for electronic purchases. See ‘432 Patent at Abstract, 2:51-3:6, claims 1, 4, 10. In the words of the Patent Owner, the claims of the ‘432 Patent are directed to “a Central-Entity for centralized identification and authentication of users and their transactions to increase security and e-commerce.” See ‘432 at 2:51-3:6. In more detail, the subject matter of claims 1, 4, and 10 is not tied, for example, to a specific machine, and fails to transform an article into a different state or thing. Id. The independent claims of the ‘432 Patent do recite computer-related terms such as “electronic transaction,” “computer,” “digital identity,” and “dynamic code,” but these are generic computer terms referring to concepts that were well understood by the effective filing date of the ‘432 Patent. Indeed, as described in more detail below, several prior art references show that the claims of the ’432 Patent altogether fail to recite a novel and unobvious technological feature, just as they fail to recite a technical problem solved by a technical solution.
28. The specification of the ‘432 Patent confirms that the computer-related terms recited in the claims of the ‘432 Patent do in fact relate to well-known, conventional types of computer components. For example, the specification of the ‘432 Patent states that “[e]xamples of Central-Entity are banks, credit card issuing companies or intermediary service companies” and provide “centralized identification of users to allow them to purchase goods and services from an External-Entity using their digital identity.” See ‘432 at 2:13-18, 3:35-40. That the ‘432 Patent is concerned with financial-related data processing rather than with technological innovation is further confirmed by other portions in the specification, explaining that the claimed transactions pertain to “transactions to increase security in e-commerce,” and “for centralized identification and authentication of users” using “personal or financial information.” See ‘432 at 2:54-3:40. In short, the ‘432 Patent applies generic computer technology toward the solution of a financial problem: ensuring security during an online financial transaction. See ‘432 Patent, 1:60-2:4.

29. This subject matter was, at the effective filing date of the ‘432 Patent, already well known in the prior art. Indeed, the references throughout this declaration provide robust descriptions of the very subject matter that the ‘432 Patent claims.
V. Claim Construction[1]

30. I understand that, for the purposes of my analysis in this matter, the claims of the ‘432 Patent must be given their broadest reasonable interpretation (BRI) consistent with the specification. Stated another way, it is contemplated that the claims are understood to have their broadest reasonable interpretation in view of the specification to one having ordinary skill in the art at the time of the invention, without importing limitations into the claims from the specification. I have followed these principles in my analysis. In a few instances, I have discussed my understanding of the claims in the relevant paragraphs below. I note, however, that I have been informed that the interpretation of claims used in the context of a Patent Office proceeding, such as this one, is governed by different legal rules than those used in the context of District Court litigation. As such, if I am ever asked to consider the interpretation of the claims of the ‘432 Patent in a litigation context, my opinions under those different rules of interpretation very well may differ.

[1] I understand that the specification of the ‘432 Patent explicitly defines several terms recited in the claims. It should be noted that my opinions account for such definitions even though for brevity those definitions are not repeated within this section.
31. In my opinion, under the BRI standard that I understand is applicable to the claims subject to a post-grant proceeding, the “method for authenticating a user” includes the “central-entity” and the “external-entity” being the “same entity” as claimed in dependent claims 11, 46, 49, and 53. This must allow for the external-entity, as claimed in the independent claims 1, 25, 48, and 52, to perform operations specified for the central-entity since the external-entity and the central-entity represent a single entity in dependent claims 11, 46, and 49.

32. Under the BRI standard, the “first central-entity computer” and “second central-entity computer” as claimed in independent claims 25 and 52 are construed to be logically (but not necessarily physically) separated components on a single computer because the “first central-entity computer” and “second central-entity computer” are recited as “the same” in dependent claim 36.

33. Under the BRI standard, “transaction” as recited in independent claims 1, 25, 48, and 52 is construed as “where [a] user [] attempts to access a restricted web site or attempts or buy services or products [] . . . through a standard interface provided by [an] External-Entity . . . and selects digital identity as his identification and authorization or payment option” as stated by the specification of the ‘432 Patent. ‘432 Patent, 5:5-22.

34. Under the BRI standard, “dynamic code” as recited by independent claims 1, 25, 48 and 51 is construed as “any dynamic, non-predictable and time dependent alphanumeric code, secret code, PIN or other code, which may be broadcast to the user over a communication network, and may be used as a part of a digital identity to identify a user as an authorized user” as stated by the specification of the ‘432 Patent. ‘432 Patent, 2:35-40.
35. It should also be noted that one of ordinary skill in the art would appreciate that, unless there are explicit factors that prevent it, components of a network can generally be co-located without any alteration or modification to their design or implementation. Kerberos, for example, as described in the Neuman reference discussed below, is a well-known prior art security protocol that is visualized as having a separate, centralized authentication server, and that is how it is commonly implemented in practice. Nevertheless, it does not alter the Kerberos protocol to have the authentication server and one of its services, or verifiers, running on the same machine. See, e.g., Naomaru Itoi, Secure Coprocessor Integration with Kerberos V5, 2000, https://www.usenix.org/legacy/publications/library/proceedings/sec2000/full_papers/itoi/itoi_html/master.html (“the KDC and the Kerberos clients [are] running on the same computer to avoid network delay”).

36. As another example, in the graduate level Network Security course I teach at Johns Hopkins University, we design security protocols similar to Kerberos and generally test the individual components all running on the same computer. It is easier to test the properties of the protocols on a single machine and, sometimes, the deployment co-locates multiple networked components onto the same machine as well.
VI. Brown in view of Myers

A. Claim 1

37. In general, Brown teaches a “Remote Passphrase Authentication (RPA),” which generates a “session key” that is used “for authenticating users and services communicating over an insecure network.” Brown, Abstract. Myers teaches an “Online Certificate Status Protocol (OCSP)” that “specifies [] data that needs to be exchanged between an application checking the status of a certificate and the server providing that status,” which enables “applications to determine the (revocation) state of an identified certificate.” Myers, pg. 2. Taken together, Brown teaches an authentication technique based on validating a digital identity, and Myers teaches a technique for determining the validity of the digital identity with a central entity, with the common goal of improving security during a transaction involving sensitive information.

38. One of ordinary skill in the art, as of the effective filing date of the ‘432 Patent, would have been motivated to modify the authentication protocol message that includes the “session key” of Brown to additionally include a nonce as an extension to “cryptographically bind[] a request and a response to prevent replay attacks,” which would have prevented the use of the session key in more than one authentication process. Myers, pg. 12. The results of the combination would have been predictable, because modifying the authentication protocol of Brown to include the nonce amounts to the use of a known cryptographic technique to improve security during a user authentication process that was both well-known and well-established at the time of the effective filing date of the ‘432 Patent. “Time-variant parameters may be used in identification protocols to counteract replay and interleaving attacks (see §10.5), to provide uniqueness or timeliness guarantees, and to prevent certain chosen-text attacks.” Alfred J. Menezes et al., The Handbook of Applied Cryptography, August 2001, pg. 397.
39. In addition, nonces are commonly used in cryptography to generate “authenticated key establishment protocols” that “provide uniqueness guarantees in conjunction with message authentication.” See Alfred J. Menezes et al., The Handbook of Applied Cryptography, pp. 397-400, August 2001, http://cacr.uwaterloo.ca/hac/about/chap10.pdf. “N stands for ‘number used once’, or nonce… The purpose of the nonce is to assure the recipient that the message is fresh, that is, it is not a replay of an old message that an attacker observed. Verification is simple: the parking garage server… checks that the nonce N has not been seen before.” See Ross J. Anderson, Security Engineering, Second Ed., pp. 66-67.

40. In my opinion, one of ordinary skill in the art would have understood and appreciated that cryptographic techniques all but require a nonce to ensure that messages are not “replayed.” Because generating the session key, as taught by Brown, includes a cryptographic technique, a modification of the session key to include a nonce would have been a natural combination within the field of cryptography. Since commercial systems that simply transmit passwords, keys, or encrypted PINs were known within the art even before the effective filing date of the ‘432 Patent, one of ordinary skill in the art would have considered it trivial for unauthorized users to simply record and “replay” the transmission as described by Myers.

41. In addition, one of ordinary skill in the art, as of the effective filing date of the ‘432 Patent, would have been motivated to modify the authentication protocol message that includes the “session key” of Brown to additionally include an expiration date to prevent unlimited reauthentication. This principle had been well understood in the art since the 1980s with the publication of the seminal work, “Timestamps in Key Distribution Protocols” by Denning. The abstract to this work states, “We consider the possibility that communication keys may be compromised, and show that key distribution protocols with timestamps prevent replays of compromised keys.” See Denning, Abstract, http://faculty.nps.edu/dedennin/publications/TimestampsKeyDistribution.pdf. Stated another way, Brown teaches that the user can “reauthenticate” an arbitrary number of times. By including an expiration date, as taught by Myers, and as well understood in the art, there is a limit to the amount of time the key can be used, thus limiting the amount of damage done if the key is inappropriately acquired by an unauthorized party. One of ordinary skill in the art would have understood this principle and would have been motivated to combine Myers and Brown.
i. receiving electronically a request for a dynamic code for the user by a computer associated with a central-entity during the transaction between the user and the external-entity;

42. In my opinion, Brown in combination with Myers renders this claim obvious. For example, Brown teaches an authentication deity (a central-entity) that uses a “user name/pass-phrase and service/pass-phrase pairs . . . that support[] a particular realm . . . for retrieval during the authentication process.” Id., 6:66-67. The authentication deity receives an authentication request from a user, which is forwarded by the service, and in response to the authentication request, generates a session key (a dynamic code), which is used by the user during a transaction with the service (an external-entity). See Id., 4:30-58.

43. FIG. 1 of Brown shows the authentication deity (the central entity), the service (the external entity), and the user connected over a computer network:

[Brown, FIG. 1 (annotated): Central Entity, Users, External Entity]

44. Brown also teaches that the authentication deity (the central-entity) receives a request for a “user name/pass-phrase,” associated with a user, and a “service/pass-phrase pairs” for services (the external-entity), “for retrieval during the authentication process” using “a message passing scheme for communication between entities, [which] may be comprised of network node computers 24 that route messages through the network.” Brown, 6:26-36; 6:66-7:9. Brown also teaches a reauthentication process where “a user and service . . . may again authenticate one another” by “prov[ing] to each other that they both possess [the] . . . session key . . . derived during the authentication process.” Brown, 9:65-10:12. In my opinion, because the reauthentication process is “essentially an ordinary challenge-response mechanism in which the session key is used as a pass-phrase” where the same session key is exchanged between the same entities (e.g., user and service), the combination of the authentication and reauthentication processes represents a single “transaction” between the user and service under the broadest reasonable interpretation.

ii. generating by the central-entity during the transaction a dynamic code for the user in response to the request, wherein the dynamic code is valid for a predefined time and becomes invalid after being used;

45. Brown teaches that the authentication deity, after verifying both the user’s and service’s identity, “creates a random, 128-bit session key, Kus, for use by the user and service” for “session encryption.” Brown, 9:22-41. The authentication deity also generates “two obscured copies of the session key,” “Kuss” and “Kusu,” and “a pair of authentication ‘proofs’,” “Au” and “As.” Brown, 9:27-35. In my opinion, the session key generated by the authentication deity, as described by Brown, corresponds to the “dynamic code” as recited in the claim.

46. Brown does not explicitly teach that the session key is valid for a predefined time and becomes invalid after being used. Myers, however, teaches protecting key management (such as key distribution and revocation) in this manner.

47. Initially, Myers discloses the use of X.509 certificates for public key distribution. Myers identifies, and one of ordinary skill in the art would have understood and appreciated, that X.509 certificates include expiration dates. See Myers, pp. 13, 14. One of ordinary skill in the art would have also appreciated that X.509 certificates, and the public key that they distribute, are not to be used after their expiration date. As such, one of ordinary skill in the art would have been motivated to combine an expiration date with a session key to ensure that user requests to the service are timely.
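As an added illustration of the combination argued in paragraphs 38-41 and 45-47 (a randomly generated session key turned into a dynamic code that is bound to a request nonce, valid for a predefined time, and invalid after one use), the following Python is example code written for this edit; it is not code from the declaration, the ‘432 Patent, Brown or Myers, and every class and function name in it (CentralEntity, DynamicCode, FakeClock, scenario) is constructed here.

```python
"""Single-use, nonce-bound, expiring dynamic code issued by a central-entity.

Added example, not code from the declaration or the cited references.
All names are constructed for illustration.
"""
import secrets
import time
from dataclasses import dataclass


@dataclass
class DynamicCode:
    """One issued dynamic code and the state needed to validate it once."""
    user: str
    code: str           # random, non-predictable value (the role of Brown's session key)
    nonce: str          # requester's nonce; binds the response to the request (Myers, RFC 2560)
    expires_at: float   # absolute expiry time (Denning-style timestamp)
    used: bool = False  # single-use flag: the code becomes invalid after being used


class CentralEntity:
    """Issues dynamic codes during a transaction and later verifies each one once.

    `clock` is injectable so that expiry can be exercised without sleeping.
    """

    def __init__(self, lifetime_seconds: float, clock=time.time):
        self.lifetime = lifetime_seconds
        self.clock = clock
        self._issued: dict[str, DynamicCode] = {}

    def request_code(self, user: str, nonce: str) -> DynamicCode:
        """The external-entity forwards the user's request; the central-entity
        answers with a fresh 128-bit random code bound to the caller's nonce."""
        code = secrets.token_hex(16)
        issued = DynamicCode(user=user, code=code, nonce=nonce,
                             expires_at=self.clock() + self.lifetime)
        self._issued[code] = issued
        return issued

    def verify(self, user: str, code: str, nonce: str) -> str:
        """Validate a presented code; returns 'ok' or the reason it was rejected.

        Without the nonce, expires_at and used checks this would behave like
        Brown's reusable session key, which can be presented an arbitrary
        number of times to reauthenticate.
        """
        issued = self._issued.get(code)
        if issued is None or issued.user != user:
            return "unknown"
        if not secrets.compare_digest(issued.nonce, nonce):
            return "nonce-mismatch"   # response is not bound to this request
        if self.clock() >= issued.expires_at:
            del self._issued[code]    # expired codes are dropped, bounding table growth
            return "expired"
        if issued.used:
            return "replayed"         # second presentation of a one-time code
        issued.used = True
        return "ok"


class FakeClock:
    """Deterministic clock for the scenario below (constructed for the example)."""

    def __init__(self, start: float = 1_000_000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def scenario() -> dict:
    """Walk through the four outcomes a verifier must distinguish."""
    clock = FakeClock()
    ce = CentralEntity(lifetime_seconds=60, clock=clock)
    results = {}

    # Transaction 1: fresh nonce, code accepted once, then the same message replayed.
    nonce1 = secrets.token_hex(8)
    dc1 = ce.request_code("alice", nonce1)
    results["first_use"] = ce.verify("alice", dc1.code, nonce1)
    results["replay"] = ce.verify("alice", dc1.code, nonce1)

    # Transaction 2: a valid code presented with the nonce of some other request.
    dc2 = ce.request_code("alice", secrets.token_hex(8))
    results["wrong_nonce"] = ce.verify("alice", dc2.code, "nonce-of-another-request")

    # Transaction 3: the code sits unused past its predefined lifetime.
    nonce3 = secrets.token_hex(8)
    dc3 = ce.request_code("alice", nonce3)
    clock.advance(61)
    results["expired"] = ce.verify("alice", dc3.code, nonce3)
    return results


if __name__ == "__main__":
    for name, outcome in scenario().items():
        print(f"{name:12s} -> {outcome}")
```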
48. Myers also teaches that a nonce, a term of art, “cryp