`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`________________
`
`APPLE INC.,
`
`Petitioner,
`
`v.
`
`UNIVERSAL SECURE REGISTRY LLC,
`
`Patent Owner
`
`________________
`
`Case IPR2018-00810
`
`U.S. Patent No. 9,100,826
`
`________________
`
`PATENT OWNER’S REPLY IN SUPPORT OF ITS MOTION TO AMEND
`PURSUANT TO 37 C.F.R. § 42.121
`
`
`
`TABLE OF CONTENTS
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Page
`
`PATENT OWNER’S LIST OF EXHIBITS .............................................................. 1
`I.
`INTRODUCTION ........................................................................................... 3
`II.
`SUBSTITUTE CLAIMS DIRECTED AT UNCHALLENGED
`CLAIMS .......................................................................................................... 3
`III. CLAIM 56 HAS WRITTEN DESCRIPTION SUPPORT.............................. 3
`IV.
`SUBSTITUTE CLAIMS ARE NOVEL AND NONOBVIOUS .................... 6
`A.
`Petitioner Fails to Address “the digital signature generated
`using a private key associated with the first handheld device”
`(36[f]) .................................................................................................... 6
`Petitioner Fails to Address Several Limitations of Claim 45................ 8
`A POSITA Would Not Combine Jakobsson, Maritzen, and
`Schutzer By Prepending First Authentication Information................. 10
`Prior Art Fails to Disclose Limitations 56[c] and 56[e]...................... 14
`D.
`SUBSTITUTE CLAIMS ARE PATENT ELIGIBLE UNDER § 101 .......... 20
`PETITIONER’S ALLEGATIONS CONCERNING PATENT
`OWNER’S BREACH OF ITS DUTY OF CANDOR ARE
`MERITLESS .................................................................................................. 24
`VII. CONCLUSION .............................................................................................. 25
`
`V.
`VI.
`
`B.
`C.
`
`i
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`TABLE OF AUTHORITIES
`
`Cases
`
`Page
`
`Alice,
`134 S. Ct. at 2355 .......................................................................................... 21, 23
`Aqua Prods., Inc. v. Matal,
`872 F.3d 1290 (Fed. Cir. 2017) ............................................................................. 7
`Ariosa Diagnostics v. Verinata Health, Inc.,
`805 F.3d 1359 (Fed. Cir. 2015) .................................................................. 7, 8, 10
`Daikin Industries, Ltd. v. The Chemours Company FC, LLC,
`IPR2018-00993, Paper 12 ....................................................................................25
`KSR Int’l. Co. v. Teleflex, Inc.,
`550 U.S. 398 (2007) ...................................................................................... 10, 23
`Lectrosonics, Inc. v. Zaxcom, Inc.,
`IPR2018-01129, -01130, Paper 15 (Feb. 25, 2019) .............................................24
`Ex parte Levy,
`17 USPQ2d 1461 (Bd. Pat. App. & Inter. 1990) ................................................... 6
`In re Oda,
`443 F.2d 1200, 170 USPQ 268 (CCPA 1971) ....................................................... 3
`Polaris Industries, Inc. v. Arctic Cat, Inc.,
`882 F.3d 1056 (Fed. Cir. 2018) .................................................................... 10, 11
`Universal Secure Registry, LLC v. Apple, Inc.,
`1:17-cv-00585-JFB-SRF, Dkt. 137 (D. Del. Sep. 18, 2018) ........................ 20, 21
`Statutory Authorities
`35 U.S.C. § 112 .......................................................................................................... 3
`Rules and Regulations
`37 C.F.R. § 42.6(e) ...................................................................................................27
`37 C.F.R. § 42.121 ...................................................................................................27
`Other Authorities
`Office Patent Trial Practice Guide August 2018 Update,
`83 Fed. Reg. 39989 .......................................................................................... 7
`
`ii
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Ex. 2001
`
`Ex. 2002
`
`Ex. 2003
`
`Ex. 2004
`
`Ex. 2005
`
`Ex. 2006
`
`Ex. 2007
`
`Ex. 2008
`
`Ex. 2009
`
`Ex. 2010
`
`Ex. 2011
`
`Ex. 2012
`
`Ex. 2013
`
`Ex. 2014
`
`PATENT OWNER’S LIST OF EXHIBITS
`
`Declaration ISO Motion Pro Hac Vice Harold Barza.
`
`Declaration ISO Motion Pro Hac Vice Jordan Kaericher.
`
`Declaration of Dr. Markus Jakobsson ISO
`Patent Owner’s Response.
`
`Curriculum Vitae of Dr. Markus Jakobsson.
`
`Transcript of December 14, 2018 Deposition of Dr.
`Victor John Shoup.
`
`N. Asokan, et. al, The State of the Art in Electronic
`Payment Systems, IEEE Computer, Vol. 30, No. 9, pp.
`28-35 (IEEE Computer Society Press, Sept. 1997).
`
`M. Baddeley, Using E-Cash in the New Economy: An
`Economic Analysis of Micropayment Systems, J.
`Electronic Commerce Research, Vol. 5, No. 4, pp. 239-
`253 (Nov. 2004).
`
`U.S. Application No. 14/027,860.
`
`U.S. Application No. 11/677,490.
`
`U.S. Provisional Application No. 60/775,046.
`
`U.S. Provisional Application No. 60/812,279.
`
`U.S. Provisional Application No. 60/859,235.
`
`Declaration by Dr. Markus Jakobsson ISO Motion to
`Amend.
`
`U.S. District Court for Delaware Report and
`Recommendation.
`
`1
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Ex. 2015
`
`Declaration by Dr. Markus Jakobsson ISO Reply to
`MTA Opposition.
`
`Ex. 2016
`
`Rough transcript of deposition of Dr. Ari Juels.
`
`2
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`UNIVERSAL SECURE REGISTRY LLC (“Patent Owner”) submits this
`
`Reply in support of its Conditional MTA, Paper 19 (“Motion”), in response to
`
`Petitioner’s Opposition to Patent Owner’s Conditional MTA, Paper 25 (“Op.”).
`
`I.
`
`INTRODUCTION
`
`Petitioner’s unpatentability analysis of the substitute claims in view of the
`
`prior art consistently neglects to address key claim limitations found in the substitute
`
`claims. For instance, the Opposition makes no mention of amended limitations 45[e]
`
`and 45[g] and similarly fails to account for the “separable fields” amendment of
`
`independent claim 45. Omissions like this are endemic to Petitioner’s brief, and
`
`Petitioner’s failure to make a prima facie case of obviousness in its Opposition
`
`cannot be saved by attempts to fill these omissions in its sur-reply, to which Patent
`
`Owner will have no opportunity to respond.
`
`II.
`
`SUBSTITUTE CLAIMS DIRECTED AT UNCHALLENGED CLAIMS
`
`Per the conference call the parties had with the Board on April 22, 2019, all
`
`substitute claims directed at unchallenged claims are void. The Board also indicated
`
`that inclusion of such substitute claims do not render the Motion invalid.
`
`III. CLAIM 56 HAS WRITTEN DESCRIPTION SUPPORT
`
`Petitioner contends that substitute claim 56 lacks written description support
`
`and is therefore invalid under 35 U.S.C. § 112. Op. at 3-4. Patent Owner disagrees.
`
`3
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Among other things, limitations 56[c] and 56[e] specify that the first
`
`authentication information includes a first key encrypted by a second key and that
`
`the encrypted first key is decrypted using the second key to retrieve the first key.
`
`Motion at B6. The specification describes that a first wireless signal includes “a PKI
`
`encrypted one-time DES key.” Ex. 2008 at 49:24-26. The specification further
`
`describes how “[t]he second wireless device uses the first public key to decrypt the
`
`PKI encrypted DES key.” Id. at 50:30-31. In response to this disclosure, Petitioner
`
`states “a value encrypted with a public key, which is an asymmetric key, could not
`
`be decrypted using the same public key. Even with extensive experimentation, it
`
`would be impossible for a POSITA to implement encryption and decryption with a
`
`public key.” Op. at 4. Patent Owner admits that the specification as written contains
`
`an obvious error: a public key cannot be used to decrypt ciphertext. Ex. 2015,
`
`Jakobsson Decl. at ¶ 30.
`
`An amendment to correct an obvious error does not constitute new matter
`
`where the ordinary artisan would not only recognize the existence of the error in the
`
`specification, but also recognize the appropriate corrections. In re Oda, 443 F.2d
`
`1200, 170 USPQ 268 (CCPA 1971). The obvious error noted by Petitioner in the
`
`’860 Application would be immediately recognized by a POSITA, who would also
`
`recognize the appropriate corrections. Ex. 2015, Jakobsson Decl. at ¶ 31.
`
`4
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Specifically, as explained by Dr. Jakobsson, a POSITA would know that a public
`
`key cannot be used to both encrypt and decrypt data. Ex. 1017, Jakobsson Depo. Tr.
`
`at 52:16-55:16. Upon identifying this obvious error, a POSITA would also readily
`
`recognize two corrections—both very trivial in nature—that would clarify the
`
`specification. Ex. 2015, Jakobsson Decl. at ¶ 31.
`
`First, since a public key cannot be used to both encrypt and decrypt data, a
`
`POSITA would readily understand that the recipient’s public key would have been
`
`used to encrypt the data (e.g., second wireless device’s public key used to encrypt
`
`DES key) and the recipient’s private key would be used to decrypt the data (e.g.,
`
`second wireless device’s private key used to decrypt encrypted DES key). Ex. 1017,
`
`Jakobsson Depo. Tr. at 52:16-55:16; Ex. 2015, Jakobsson Decl. at ¶ 32. Also, since
`
`an asymmetric, public key cannot be used
`
`to perform
`
`symmetric
`
`encryption/decryption, then the key described in the specification as performing the
`
`desired symmetric encryption and decryption of the DES key may simply be a
`
`symmetric key like the claimed “second key.” Id. A POSITA would readily
`
`recognize both of these corrections in view of the teachings of the specification. Id.
`
`As such, these portions of the specification provide written description and enabling
`
`support for limitations 56[c] and 56[e]. Id.
`
`5
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`IV.
`
`SUBSTITUTE CLAIMS ARE NOVEL AND NONOBVIOUS
`
`A.
`
`Petitioner Fails to Address “the digital signature generated using
`a private key associated with the first handheld device” (36[f])
`
`Petitioner fails to show that the prior art of record discloses “the digital
`
`signature generated using a private key associated with the first handheld
`
`device.” Motion at B1 (36[f]). Notably, Petitioner ignores this claim limitation in its
`
`analysis of the prior art. See Op. at 5-10. Instead, Petitioner’s myopic approach
`
`focuses only on whether Schutzer discusses a “digital signature,” and neglects to dig
`
`deeper as to whether Schutzer’s digital signature is specifically generated using a
`
`private key associated with a handheld device. See Op. at 9 (citing Ex. 1030,
`
`Schutzer, ¶29). A close review of the cited portion of Schutzer reveals that Schutzer
`
`is silent on how the digital signature is generated, such as who or what generated the
`
`digital signature. Ex. 2015, Jakobsson Decl. at ¶ 33. In particular, no explicit or
`
`implicit1 disclosure is made that Schutzer’s digital signature was generated using a
`
`private key of a handheld device. Id.
`
`1 No implicit disclosure is made in Schutzer that the digital signature is necessarily
`
`generated by a private key of the user’s computing device 10. Ex parte Levy, 17
`
`USPQ2d 1461, 1464 (Bd. Pat. App. & Inter. 1990) (requiring that the inherent
`
`6
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`“[Section] 316(e) unambiguously requires the petitioner to prove all
`
`propositions of unpatentability, including for amended claims.” Aqua Products,
`
`Inc. v. Matal, 872 F.3d 1290, 1296 (Fed. Cir. 2017) (emphasis added). Here,
`
`Petitioner’s failure to address the claim limitation “the digital signature generated
`
`using a private key associated with the first handheld device” represents an
`
`incurable defect to its prima facie case of unpatentability of substitute claim 36.
`
`Moreover, Petitioner cannot introduce new arguments in its sur-reply in an attempt
`
`to fill holes in its prima facie showing. Ariosa Diagnostics v. Verinata Health, Inc.,
`
`805 F.3d 1359, 1367 (Fed. Cir. 2015) (Affirming Board’s rejection of Petitioner’s
`
`reliance on “previously unidentified portions of a prior-art reference to make a
`
`meaningfully distinct contention” in its Reply); Office Patent Trial Practice Guide
`
`August 2018 Update, 83 Fed. Reg. 39989 (referencing August 2018 update at
`
`https://go.usa.gov/xU7GP at pg. 14). Accordingly, the record fails to demonstrate
`
`characteristic necessarily flow from the teachings of the prior art). Indeed,
`
`Schutzer’s digital signature may be generated using the private key of a certificate
`
`authority and be used as part of a digital certificate to authenticate the user. Ex.
`
`2015, Jakobsson Decl. at ¶ 34. The digital signature may also be that of the user itself
`
`and not the user’s device. Id. at ¶ 35.
`
`7
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`that the prior art discloses or renders obvious “the digital signature generated using
`
`a private key associated with the first handheld device.”
`
`B.
`
`Petitioner Fails to Address Several Limitations of Claim 45
`
`Petitioner’s analysis of substitute claim 45 is even more deficient, as it fails to
`
`address several claim limitations. Petitioner sweepingly asserts that “Substitute
`
`claim 45 adds similar amendments to claim 10 as substitute claim 36 to 1,” and then
`
`summarily concludes that, “Accordingly, substitute claim 45 is obvious for at least
`
`the same reasons claims 10 and 36 are obvious.” Op. at 11. But Petitioner’s
`
`dismissive analysis neglects limitations that are distinctly unique to claim 45.2 Ex.
`
`2015, Jakobsson Decl. at ¶ 37.
`
`First, Petitioner fails to address limitations 45[e] and 45[g], which
`
`respectively recite, “at least one of the digital signature and/or the one-time code
`
`2 Like claim 36, claim 45 also recites “generating a digital signature at the first
`
`handheld device using a private key associated with the first handheld device.”
`
`Motion at B4 (limitation 45[c]) (emphasis added). Therefore, in addition to
`
`Petitioner’s failure to examine features unique to claim 45, Petitioner also fails to
`
`address this limitation. See discussion supra Section IV.A; Ex. 2015, Jakobsson
`
`Decl. at ¶ 36.
`
`8
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`encrypted by the first handheld device” and “decrypting, with the second device, at
`
`least one of the digital signature and/or the one-time code encrypted by the first
`
`handheld device.” Motion at B3. Petitioner does not address anywhere in its
`
`Opposition what prior art reference purportedly discloses these claim features. Ex.
`
`2015, Jakobsson Decl. at ¶ 38. These limitations are unique to claim 45 and are not
`
`found in claim 36. Id. Thus, Petitioner’s summary reliance on its limited analysis of
`
`claim 36 as the basis for its opposition to claim 45 is explicitly deficient, leaving
`
`Petitioner with no argument whatsoever with respect to limitations 45[e] and 45[g].
`
`Second, limitation 45[d] requires that a first signal generated “include[] the
`
`first authentication information of the first entity, the one-time code, and the digital
`
`signature as separable fields of the first signal.” Motion at B4 (emphasis added).
`
`This “separable fields” requirement is not present in claim 36 and is consequently
`
`not addressed by Petitioner in its analysis of claim 36. See Op. at 5-10. While
`
`Petitioner discusses “separable fields” with respect to a different claim, claim 42—
`
`a dependent claim that depends from independent claim 36 not claim 45—Petitioner
`
`does not refer back to or cite to claim 42 in its cursory analysis of claim 45.
`
`Moreover, independent claim 45 includes other distinctly different limitations
`
`not found in independent claim 36 or dependent claim 42 (e.g., “at least one of the
`
`digital signature and/or the one-time code encrypted by the first handheld device”
`
`9
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`and “decrypting…at least one of the digital signature and/or the one-time code
`
`encrypted by the first handheld device”). Ex. 2015, Jakobsson Decl. at ¶¶ 39-40.
`
`These limitations have a material impact on how claim 45 comes together as a whole
`
`to define a distinctly different invention than claim 36 or claim 42. Id. at 40. To
`
`satisfy its burden, these differences require that Petitioner articulate in its Opposition
`
`how and why—if indeed Petitioner believed at all—the “separable fields” limitation
`
`was obvious with respect to claim 45 as a whole. Id.
`
`By neglecting to analyze multiple features of claim 45 in its Opposition,
`
`Petitioner fails to make a prima facie showing of unpatentability. Moreover,
`
`Petitioner cannot introduce new arguments by addressing these missing limitations
`
`for the first time in its sur-reply. Ariosa Diagnostics at 1367; OPTPG Update at 14.
`
`C.
`
`A POSITA Would Not Combine Jakobsson, Maritzen, and
`Schutzer By Prepending First Authentication Information
`Substitute Claims 36 and 45
`
`“A reference may be said to teach away when a person of ordinary skill, upon
`
`reading the reference, would be discouraged from following the path set out in the
`
`reference, or would be led in a direction divergent from the path that was taken by
`
`the applicant.” Polaris Industries, Inc. v. Arctic Cat, Inc., 882 F.3d 1056, 1069 (Fed.
`
`Cir. 2018). If the disclosure “criticize[s], discredit[s], or otherwise discourage[s]”
`
`the solution claimed, then the disclosure teaches away such that a POSITA would
`
`10
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`not have been motivated to combine the references. Id. “Even if a reference is not
`
`found to teach away, its statements regarding preferences are relevant to a finding
`
`regarding whether a skilled artisan would be motivated to combine that reference
`
`with another reference.” Id. Here, a person of ordinary skill in the art at the time of
`
`the invention (POSITA) would not be motivated to combine Jakobsson, Maritzen,
`
`and Schutzer in the manner suggested by Petitioner.
`
`Petitioner argues that a POSITA would be motivated to “add[] the digital
`
`signature of Schutzer and one-time code disclosed by Jakobsson to the key of
`
`Maritzen” by “prepending or appending values such as Maritzen’s keys,
`
`Jakobsson’s one-time code, and Schutzer’s digital signature.” Op. at 10 (emphasis
`
`added); see also id. at 13-14 (prepending or appending same values to achieve
`
`limitations of
`
`claim 42). However,
`
`even
`
`assuming
`
`that Maritzen’s
`
`transaction/biometric key was derived from biometric information,3 a POSITA
`
`would not prepend or append Maritzen’s keys to Jakobsson’s code and Schutzer’s
`
`digital signature because doing so would be redundant since Jakobsson already
`
`teaches that its authentication code incorporates biometric data (e.g., authentication
`
`3 Patent Owner disputes that Maritzen’s biometric/transaction key is derived from
`
`biometric information. See Ex. 1004, Maritzen at [0044], [0088]; POR at 22-25.
`
`11
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`code A (K, T, E, P) 292 where P may be biometric data). See Ex. 1005, Jakobsson
`
`at [0072], [0073]; Ex. 2015, Jakobsson Decl. at ¶ 42. Thus, there would be no
`
`motivation to make the proposed modification in order to send substantially the same
`
`information twice at the same time: once by prepending/appending and another by
`
`incorporating the value into an authentication code. Id.
`
`Furthermore, Maritzen repeatedly emphasizes that neither “biometric
`
`information identifying the user” nor any other “user information” is transmitted
`
`from the user device at any time during a transaction. Ex. 1004, Maritzen at [0044]
`
`(“The biometric information identifying the user is not transmitted at any time.”);
`
`see also id. at [0045], [0088], [0090], [0109], [0111], [0124], [0128], [0148], [0150],
`
`[0164], [0166]. Thus, Maritzen itself teaches away from prepending/appending and
`
`sending the claimed “first authentication information derived from the first biometric
`
`information.” As such, independent substitute claims 36 and 45 are novel and non-
`
`obvious over the prior art. Ex. 2015, Jakobsson Decl. at ¶ 43.
`
`Substitute Claim 42
`
`Moreover, even if it were assumed that Jakobsson’s authentication code was
`
`generated without using biometric data (i.e., did not include user data (P)) and
`
`Maritzen’s keys supplied information derived from a biometric, a POSITA would
`
`still not prepend/append Maritzen’s keys to Jakobsson’s code and Schutzer’s digital
`
`12
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`signature for Petitioner’s stated purpose of “more securely authenticat[ing] the user.”
`
`Ex. 2015, Jakobsson Decl. at ¶ 44. Jakobsson never discloses an embodiment where
`
`an authentication code is generated without use of—at least at some stage—a one-
`
`way function, such as a hash function. Id. Even in the embodiment where Jakobsson
`
`describes a PIN (P) being appended to authentication code A(K, T, E), the latter
`
`value is the result of a one way function. Id.; See Ex. 1104, Jakobsson at [0073].
`
`Indeed, as explained by Dr. Jakobsson, use of a one-way function is critical to
`
`Jakobsson’s system because otherwise the system would not be secure:
`
`all the examples given and the motivation of this requires that it’s a
`one-way function. Remember, one of these things is -- for example, the
`value K, that’s a secret key. If you were not to apply a one-way
`function to that and you were to, as a result, expose that to an
`eavesdropper, that would not be beneficial.
`Ex. 1017, Jakobsson Depo. at 134:1-13 (emphasis added); see also id. at 134:19-
`
`135:7 (explaining that it would be “clear to a person of skill in the art reading this
`
`that there has to be a one-way function”). Even Petitioner’s new expert, Dr. Juels,
`
`conceded at his deposition that merely concatenating or XOR’ing inputs together,
`
`without more, was an inadequate way to generate or protect the authentication code
`
`from eavesdroppers. Ex. 2016, Juels Depo. at 30:3-21 (eavesdropper can recover
`
`inputs if mere concatenation were used), 34:12-36:12 (same), 40:14-41:6 (adversary
`
`13
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`can recover input if mere XOR is used as the combination function). Thus, in light
`
`of the teachings of Jakobsson, a POSITA would not, for example, prepend/append
`
`various values without applying a one-way function because certain types of
`
`information described in Jakobsson, such as the secret key K or biometric value P,
`
`would be put at risk of interception and misuse. Ex. 2015, Jakobsson Decl. at ¶ 44.
`
`Moreover, if Maritzen’s biometric key were biometric information (and it is
`
`not), it is well understood that it would suffer from errors, such as translation and
`
`rotation errors. Ex. 2015, Jakobsson Decl. at ¶ 45. Petitioner’s expert admits as
`
`much. See Ex. 2016, Juels Depo. at 146:10-147:7. That these errors are not knowable
`
`to the verifier would make it practically impossible for the verifier to verify a
`
`received authentication code, as the verifier would not know what input to provide
`
`to Jakobsson’s one-way combination function for the generation of the verifier-
`
`generated authentication code. Ex. 2015, Jakobsson Decl. at ¶ 45.
`
`D.
`
`Prior Art Fails to Disclose Limitations 56[c] and 56[e]
`
`Petitioner relies on Maritzen in view of Jakobsson further in view of Niwa
`
`further in view of Schutzer and further in view of Burnett in its attempt to show that
`
`claim 56 is obvious. Despite relying on five different references for its proposed
`
`combination, Petitioner fails to make a prima facie showing of obviousness.
`
`14
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Petitioner first contends that Maritzen in view of Jakobsson discloses claim
`
`limitations 56[c] and 56[e]. Op. at 15 (citing: Ex. 1019, Shoup Decl. at ¶ 55-56; Op.
`
`at Section II.D.1.a(2); Ex. 1005, Jakobsson at ¶¶ 6, 7, 21, 58; Ex. 1004, Maritzen at
`
`¶¶ 45-46). However, the cited portions of Maritzen and Jakobsson do not disclose
`
`that a first key used to encrypt at least a portion of first authentication information is
`
`itself encrypted by a second key and then decrypted at a second device using the
`
`same second key. Ex. 2015, Jakobsson Decl. at ¶ 47.
`
`For example, Maritzen describes how a “transaction key” may be encrypted
`
`using “standard encrypting methods, such as, for example, public key infrastructure
`
`(PKI) encryption.” Ex. 1004, Maritzen at ¶ 45. However, Maritzen’s “transaction
`
`key” is merely an authentication value and is not an encryption key that encrypts or
`
`decrypts data. See, e.g., id. at ¶ 44-50. Instead, Maritzen simply validates the
`
`transaction key by comparing the transaction key to other keys stored at the clearing
`
`house 130 to determine if there is a match. See id. at ¶ 48. By contrast, claim 56
`
`requires that “at least a portion of the first authentication information [is] encrypted
`
`by a first key” and the first key is used to “decrypt[], at the second device, the portion
`
`of the first authentication information encrypted by the first key using the first key.”
`
`Motion at B6 (56[c], 56[e]). Maritzen’s transaction key performs no encryption or
`
`15
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`decryption. The cited portions of Jakobsson also fail to disclose these claim
`
`limitations. Ex. 2015, Jakobsson Decl. at ¶ 48.
`
`Petitioner further argues that “[t]o the extent that Maritzen and Jakobsson do
`
`not explicitly discuss encrypting data with a first key and encrypting the first key
`
`with a second key, Burnett discloses this limitation.” Op. at 15. Specifically,
`
`Petitioner states that “Burnett discloses that a ‘session key’ ([first key]) used to
`
`encrypt information can be encrypted using a key encryption key (‘KEK’) ([second
`
`key]), and that the same KEK can be used to decrypt the first key.” Op. at 15 (citing
`
`Ex. 1021, Burnett at 54-55, FIG. 3-1). Petitioner also claims that it would have been
`
`obvious to “modify the authentication information of Maritzen, Jakobsson, Niwa,
`
`and Schutzer by encrypting it with a session key, encrypting the session key with a
`
`KEK, and transmitting the KEK-encrypted session key…to the second device
`
`for decryption as taught by Burnett.” Op. at 16.
`
`A review of Burnett reveals that Petitioner’s contentions are fatally flawed.
`
`Among other things, Chapter 3 of Burnett discusses password-based encryption
`
`(PBE); specifically, how a “session key,” which is used to encrypt and decrypt bulk
`
`data, may itself be encrypted using another key that is known as a key encryption
`
`key (KEK). Ex. 1021, Burnett at 54. Burnett further discusses how, advantageously,
`
`the KEK is not stored and is instead generated as needed at the device to
`
`16
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`encrypt or decrypt the session key to recover the encrypted data. Id. (“When he
`
`needs a KEK to encrypt, [he] will generate it, use it, and then throw it away. When
`
`he needs to decrypt the data, he generates the KEK again, uses it, and throws it
`
`away.”). In particular, the process uses PBE where a “mixing algorithm” blends a
`
`“salt” (i.e., a random value) and a user-selected password together to generate a
`
`KEK. Id. at 55. After the KEK is used to encrypt the session key, it is thrown away
`
`and the salt used to generate the KEK is stored alongside the encrypted session key
`
`at the device. Id. To decrypt the stored, encrypted session key, the salt is retrieved
`
`and inputted into the same mixing algorithm along with the same password to
`
`regenerate the same KEK. Id.; Ex. 2015, Jakobsson Decl. at ¶ 50.
`
`Notably, however, subsequent pages of Burnett explain that the KEK is
`
`personal to each user/device and is not shared with other users/devices. In
`
`particular, Burnett discloses:
`
`There are a couple of reasons to use a session key and a KEK.
`First, suppose you need to share the data with other people and you
`want to keep it stored encrypted. In that case, you generate one
`session key, and everyone gets a copy of it. Then everyone protects
`his or her copy of the session key using PBE. So rather than share
`a password (something everyone would need for decrypting if you
`had used PBE to encrypt the bulk data), you share the key.
`
`17
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Id. at 58 (emphasis added). Thus, if a first and second device were to share a session
`
`key used to encrypt and decrypt bulk data, each would generate its own KEK using
`
`its own password and salt to encrypt and store the shared session key instead of
`
`sharing the same password and KEK. Burnett teaches that the KEK used to
`
`encrypt the session key at a first device is not used to decrypt the encrypted
`
`session key at a second device. Ex. 2015, Jakobsson Decl. at ¶ 51. Annotated FIG.
`
`3-4 of Burnett below makes this clear, and shows how a session key shared by two
`
`users, Pao-Chi and Gwen, is encrypted with a KEK unique to each user.
`
`18
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`By contrast, substitute claim 56 requires that the same “second key” used to
`
`encrypt the first key at the first handheld device is also used at the second device to
`
`decrypt the encrypted first key to retrieve the first key at the second device. As
`
`described in detail above, Burnett’s KEK is not shared between users/devices and
`
`instead each user generates their own KEK to encrypt and store a shared session key
`
`using passwords and salts unique to them. Consequently, Petitioner fails to establish
`
`that Burnett discloses limitations 56[c] and 56[e]. Ex. 2015, Jakobsson Decl. at ¶ 52.
`
`Similarly, Petitioner’s assertions as to why a POSITA would be motivated to
`
`combine Maritzen, Jakobsson, Niwa, Schutzer, and Barnett are equally defective.
`
`See Op. at 15-16. As explained above, Barnett never teaches transmitting a KEK-
`
`encrypted session key from one user to another since each user generates its own
`
`KEK based on its own password and salt. See Ex. 1021, Barnett at 58-59. Indeed, a
`
`POSITA would not be motivated to make Petitioner’s proposed combination that
`
`envisions transmitting KEK-encrypted session keys between users since doing so
`
`would require one user to also share its password and salt with the other user so the
`
`latter could decrypt the encrypted session key. See id. at 58 (“So rather than share a
`
`password…”); Ex. 2015, Jakobsson Decl. at ¶ 53. As such, Petitioner fails to
`
`establish that the proposed combination renders claim 56 obvious.
`
`19
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`V.
`
`SUBSTITUTE CLAIMS ARE PATENT ELIGIBLE UNDER § 101
`
`Petitioner argues that the substitute claims are unpatentable under § 101
`
`because they purportedly claim patent-ineligible abstract ideas. Op. at 18-24.
`
`However, on September 19, 2018, United States Magistrate Judge Sherry R. Fallon
`
`for the District Court of Delaware issued a Report and Recommendation (R&R)
`
`rejecting similar arguments made by Petitioner, and recommending that the District
`
`Court deny Petitioner’s motion to dismiss under § 101 since the claims of the ’826
`
`patent are “not directed to an abstract idea because ‘the plain focus of the claims is
`
`on an improvement to computer functionality itself, not on economic or other tasks
`
`for which a computer is used in its ordinary capacity.’” Ex. 2016, Universal Secure
`
`Registry, LLC v. Apple, Inc., 1:17-cv-00585-JFB-SRF, Dkt. 137 at 19 (D. Del. Sep.
`
`18, 2018) (emphasis added). Specifically, Judge Fallon stated that:
`
`The ’826 patent is directed to an improvement in computer
`functionality, as
`it requires biometric
`information
`to
`locally
`authenticate the user as well as a second level of remote user
`authentication. (’826 patent, col. 32:43-56; col. 34:7-25) While certain
`elements of claim 10 recite generic steps of authenticating a user
`based on biometric information, the claim as a whole describes an
`improved distributed authentication system with
`increased
`security.
`
`20
`
`
`
`Case No. IPR2018-00810
`U.S. Patent No. 9,100,826
`
`Id. at 20 (emphasis added). As such, the substitute claims, which are narrower than
`
`the ’826 patent’s existing claims, are patent eligible for the same reasons.
`
`This Board also reached the same conclusion of patent eligibility when it
`
`rejected similar arguments made by Petitioner for related U.S. patent 8,577,813 in
`
`CBM2018-00026. Id., Paper 10 at 23-24. Indeed, in its Petition for CBM2018-
`
`00026, Petitioner advanced the same abstract idea of “verifying an account holder’