`
`518826US
`
`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`__________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`__________________
`
`BlackBerry Corporation
`
`Petitioner,
`
`v.
`
`MAZ ENCRYPTION TECHNOLOGIES LLC,
`
`Patent Owner.
`__________________
`
`
`Patent U.S. 7,096,358
`__________________
`
`
`
`
`PETITION FOR INTER PARTES REVIEW
`
`
`
`
`
`
`

`

`
`
`
`
`
`
`
`
`
`TABLE OF CONTENTS
`
`INTRODUCTION .............................................................................. 1
`I.
`II. MANDATORY NOTICES ................................................................. 1
`III. CERTIFICATION OF GROUNDS FOR STANDING
`
`— RULE 42.104(a) ............................................................................ 3
`IV. OVERVIEW OF CHALLENGE AND RELIEF REQUESTED
`— RULE 42.104(b) ............................................................................ 4
`A. Prior Art Patents and Printed Publications ........................... 4
`
`B. Grounds for Challenge ............................................................. 5
`
`V. BACKGROUND ................................................................................ 7
`
`A. The ’358 Patent ........................................................................ 7
`
`B. File History ............................................................................... 9
`
`C. Asserted Claims ..................................................................... 10
`VI. THE PERSON OF ORDINARY SKILL IN THE ART ................... 15
`VII. CLAIM CONSTRUCTION .............................................................. 16
`VIII. IDENTIFICATION OF HOW THE CHALLENGED CLAIMS
`ARE UNPATENTABLE .................................................................. 17
`A. Ground 1: Claims 1, 3–15 are obvious over Johnson
`in view of McDonnal. .............................................................. 17
`B. Ground 2: Claims 1, 3–15 are obvious over Johnson
`in view of CFS Source Code ................................................... 38
`C. Ground 3: Claim 2 is obvious over Johnson in view of
`McDonnal and Chan .............................................................. 50
`D. Ground 4: Claim 3 is obvious over Johnson in view of
`McDonnal and Rackman ........................................................ 53
`E. Ground 5: Claims 1, 4, 6–9 and 11–14 are obvious over
`CFS Source Code in view of CFS I ........................................ 55
`F. Ground 6: Claim 2 is obvious over CFS Source Code in
`view of CFS I and Chan ......................................................... 73
`G. Ground 7: Claim 3 is obvious over CFS Source Code in
`view of CFS I and Rackman .................................................. 74
`i
`
`
`
`
`
`
`
`
`
`
`
`

`

`IX. NO SECONDARY CONSIDERATIONS OF
`
`NONOBVIOUSNESS ...................................................................... 75
`X. CONCLUSION ................................................................................ 75 
`
`
`
`
`
`
`
`
`ii
`
`

`

`
`
`
`Exhibit
`No.
`1001
`1002
`1003
`1004
`
`1005
`
`1006
`
`1007
`1008
`1009
`
`1010
`
`1011
`
`1012
`
`1013
`
`
`
`EXHIBIT LIST
`
`Document
`
`U.S. Pat. No. 7,096,358 to Zizzi (the ’358 Patent)
`Declaration of Dr. Matthew Blaze
`CV of Dr. Matthew Blaze
`U.S. Patent No. 5,694,472 to Johnson (“Johnson”)
` “A Cryptographic File System for Unix,” authored by Dr.
`Matthew Blaze; presented at the 1993 Proceedings of the 1st
`ACM Conference of Computer & Communication Security in
`Fairfax Virginia and published CFS I in November 1993.
`(“CFS I”)
`Source code for CFS Version 1.3.3 for Unix written by Dr.
`Matthew Blaze dated April 9, 1996 (“CFS Source Code”)
`U.S. Patent No. 5,713,018 to Chan (“Chan”)
`U.S. Patent No. 5,903,646 to Rackman (“Rackman”)
`U.S. Patent No. 5,699,428 to McDonnal (“McDonnal”)
`File History of U.S. Patent 7,096,358 to Zizzi (“the ’358 File
`History”)
`File History Excerpts of Reexamination 90/006,529 of U.S.
`Patent 6,185,681 (the ’681 Reexam File History”)
`Joint Claim Construction Chart filed in MAZ Encryption
`Technologies LLC v. BlackBerry Limited et al., Civil Action
`No. 3:17-cv-03267-K (Northern District of Texas)
`“Key Management in an Encrypting File System,” Authored
`by Dr. Matthew Blaze; presented at USENIX Association;
`Proceedings of the summer 1994 USENIX Conference, June
`6-10, 1994, Boston, Massachusetts, USA (“CFS II”)
`
`iii
`
`

`

`1014
`
`1015
`
`1016
`
`1017
`
`1018
`
`1019
`
`1020
`
`1021
`
`1022
`
`1023
`
`1024
`
`1025
`
`“New release of CFS Unix encrypting filesystem available,”
`by Matt Blaze, posted Marcy 17, 1996 in sci.crypt online news
`group
`Website announcement: “NEW: Cryptographic
`Filesystems (CFS) has a Home/WWW Page,” dated
`September 19, 1996
`Exhibit C to the Declaration of John P. Kelly, filed as Exhibit
`1008 in Oracle Corporation v. MAZ Encryption Technologies
`LLC, PTAB-IPR2014-00472 (Mar. 3, 2014)
`Exhibit D to the Declaration of John P. Kelly, filed as Exhibit
`1008 in Oracle Corporation v. MAZ Encryption Technologies
`LLC, PTAB-IPR2014-00472 (Mar. 3, 2014)
`“History of Encryption,” SANS Institute InfoSec Reading
`Room, 2001
` “New Directions in Cryptography,” by Whitfield Diffie and
`Martin Hellman, IEEE Transactions on Information Theory,
`Vol. IT22, No. 6, November, 1976, pp. 644-654
`“The Unix Desk Reference,” by Peter Dyson, Sybex, 1996
`(excerpt)
`Ben Ezzel and Jim Blaney, NT 4/Windows 95 Developer's
`Handbook, Sybex, 1997 (excerpt)
`Federal Information Processing Standard (FIPS) for
`Advanced Encryption Standard (AES)
`(http://csrc.nist.gov/archive/aes/pre-roundl/aes _9701 . txt)
`Jim Taylor et. al. , DVD Demystified, Third Edition, McGraw
`Hill, 2006 (excerpt)
`Jim Boyce, et al., Windows NT Workstation 4.0 Advanced
`Technical Reference, Que, 1996 (excerpt)
`“Early History of SQL,” Donald Chamberlin, IEEE Annals of
`
` iv
`
`

`

`the History of Computing, October-December, 2012, pp. 78-82
`“Saluting the data encryption legacy,” CNET, September 27,
`2004
`“History of Smart Cards,” CardWerk
`(http://cardwerk.com/smart-card-history/)
`U.S. Pat. No. 5,584,023 to Hsu (“Hsu”)
`U.S. Pat. No. 6,161,111 to Mutalik et al. (“Mutalik”)
`U.S. Pat. No. 5,615,379 to Wehle (“Wehle”)
`U.S. No. Pat. 5,550,976 to Henderson (“Henderson”)
`
`1026
`
`1027
`
`1028
`1029
`1030
`1031
`
` v
`
`

`

`I.
`
`INTRODUCTION
`BlackBerry Corporation (“BlackBerry” or “Petitioner”) requests
`
`inter partes review of claims 1–15 of U.S. Pat. No. 7,096,358 entitled
`
`“Encrypting File System” (“the ’358 patent”). This Petition shows by at
`
`least a preponderance of the evidence that there is a reasonable likelihood
`
`that Petitioner will prevail on proving that claims 1–15 of the ’358 patent
`
`are unpatentable.
`
`The ’358 patent relates to an encrypting and decrypting process for
`
`electronic documents. But the concepts the ’358 patent claims were all
`
`well-known long before the earliest possible effective filing date of the ’358
`
`patent. Document encryption systems that allowed users to select a file or
`
`a document to be encrypted or decrypted as taught by the ’358 patent
`
`were available at least by the mid-1990s. The prior art references below
`
`disclose that this encryption technology was known prior to the filing of
`
`the ’358 patent. Accordingly, the claims of ’358 patent are invalid as
`
`obvious over the prior art discussed herein.
`
`II. MANDATORY NOTICES
`Pursuant to 37 C.F.R. §42.8(a)(1), BlackBerry Corporation
`
`(“BlackBerry” or “Petitioner”) provides the following mandatory
`
`disclosures.
`
`1
`
`

`

`Real Parties-in-Interest: Pursuant to (37 C.F.R. §42.8(b)(1)),
`
`BlackBerry Corporation and BlackBerry Ltd. are the real
`
`parties-in-interest.
`
`Related Matters: Pursuant to 37 C.F.R. §42.8(b)(2), Petitioner
`
`states that U.S. Patent No. 7,096,358 (“the ’358 patent,” attached as Ex.
`
`1001) is asserted in the co-pending litigation captioned MAZ Encryption
`
`Technologies LLC v. BlackBerry Limited et al., Civil Action No.
`
`3:17-cv-03267-K (Northern District of Texas). This litigation remains
`
`pending. The service date under Fed. R. Civ. Pr. 4(d)(4) is March 7, 2018,
`
`the date waiver of service was filed.
`
`Counsel: Pursuant to 37 C.F.R. §42.8(b)(3), Petitioner provides the
`
`following designation of counsel:
`
`2
`
`

`

`Lead Counsel: Robert C. Mattson (Reg. No. 42,850))
` Direct Phone: 703-412-6466
` cpdocketmattson@oblon.com
`Back-up Counsel: Michael D. West (Reg. No. 76,996)
`
`
`
`Direct Phone: 703-412-7053
`
`
`
`cpdocketwest@oblon.com
`
`
`
`Stephen McBride (pro hac vice to be filed)
`
`
`
`Direct Phone: 703-412-1794
`
`
`
`cpdocketmcbride@oblon.com
`
`Address: Oblon, McClelland, Maier & Neustadt, LLP
`
`
`1940 Duke Street
`
`
`Alexandria, Virginia 22314
`
`
`703-413-3000 (main)
`
`
`703-413-2220 (facsimile)
`
`Service: Petitioner consents to electronic service.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Fees: Pursuant to 37 C.F.R. §103(a), the Office is authorized to
`
`charge the fee required by 37 C.F.R. §42.15(a) for this Petition to Deposit
`
`Account No. 15-0030. Any additional fees that might be due are also
`
`authorized.
`
`III. CERTIFICATION OF GROUNDS FOR STANDING—RULE
`42.104(a)
`Petitioner certifies that the ’358 patent is available for IPR and
`
`that Petitioner is not barred or estopped from requesting review on the
`
`grounds identified in this Petition.
`
`3
`
`

`

`IV. OVERVIEW OF CHALLENGE AND RELIEF
`REQUESTED—RULE 42.104(b)
`Petitioner requests IPR and cancellation of claims 1–15 of the ’358
`
`patent, which is subject to pre-AIA 35 U.S.C. §§102 and 103. The
`
`application that issued as the ’358 patent was filed on September 8, 2003 as
`
`Application No. 10/658,246 as a continuation-in-part of Application No.
`
`09/259,991, filed March 1, 1999, which is a continuation-in-part of
`
`Application No. 09/074,191, filed May 7, 1998. For purposes of this petition,
`
`Petitioner applies May 7, 1998 as the effective filing date.
`
`A. Prior Art Patents and Printed Publications
`Review is requested in view of the following:
`
`Ex. 1004: U.S. Patent No. 5,694,472 to Johnson (“Johnson”), filed
`
`February 13, 1995, issued December 2, 1997, is prior art under at least
`
`§102(e).
`
`Ex. 1005: “CFS I” is a 1993 article written by Dr. Blaze titled “A
`
`Cryptographic File System for Unix” that describes the CFS system. Dr.
`
`Blaze presented CFS I at the 1993 Proceedings of the 1st ACM
`
`Conference of Computer & Communication Security in Fairfax Virginia
`
`and published CFS I in November 1993. Ex. 1005 at 1; Ex. 1002, ¶18.
`
`CFS I is therefore §102(b) prior art.
`
`4
`
`

`

`Ex. 1006: “CFS Source Code” is the source code for CFS Version
`
`1.3.3 for Unix written by Dr. Blaze. Ex. 1002, ¶¶20-21. This version is
`
`dated April 9, 1996. Ex. 1006. Dr. Blaze has submitted a declaration that
`
`establishes the publication date of CFS Source Code at least by 1994. Ex.
`
`1002, ¶¶20-26.
`
`Ex. 1007: U.S. Patent No. 5,713,018 to Chan (“Chan”), filed
`
`September 27, 1995, issued January 27, 1998, prior art under at least
`
`§102(e).
`
`Ex. 1008: U.S. Patent No. 5,903,646 to Rackman (“Rackman”),
`
`filed September 2, 1994, issued May 11, 1999, prior art under at least
`
`§102(e).
`
`Ex. 1009: U.S. Patent No. 5,599,428 to McDonnal (“McDonnal”),
`
`filed January 16, 1996, issued December 16, 1997, prior art under at
`
`least §102(b).
`
`B. Grounds for Challenge
`Petitioner requests cancellation of the challenged claims under the
`
`following statutory grounds:
`
`Ground
`1
`Ground
`2
`
`Claims 1, 3–15 are unpatentable under 35 U.S.C. §103 as
`obvious over Johnson in view of McDonnal.
`Claims 1, 3–15 are unpatentable under 35 U.S.C. §103 as
`
`5
`
`

`

`obvious over Johnson in view of CFS Source Code.
`Claim 2 is unpatentable under 35 U.S.C. §103 as obvious
`over Johnson in view of McDonnal and Chan.
`Claim 3 is unpatentable under 35 U.S.C. §103 as obvious
`over Johnson in view of McDonnal and Rackman.
`Claims 1, 4–15 are unpatentable under 35 U.S.C. §103 as
`obvious over CFS Source Code in view of CFS I.
`Claim 2 is unpatentable under 35 U.S.C. §103 as obvious
`over CFS Source Code in view of CFS I and Chan.
`Claim 3 is unpatentable under 35 U.S.C. §103 as obvious
`over CFS Source Code in view of CFS I and Rackman.
`
`Ground
`3
`Ground
`4
`Ground
`5
`Ground
`6
`Ground
`7
`
`
`Section VIII demonstrates that there is a reasonable likelihood that
`
`Petitioner will prevail for each of the statutory grounds. 35 U.S.C. §314(a).
`
`Petitioner’s arguments are supported by a Declaration from Dr. Matthew
`
`Blaze. Ex. 1002. Dr. Blaze is currently a Professor of Computer Science and
`
`Law at Georgetown University. Dr. Blaze is an expert in the field of
`
`computer science with over 25 years of relevant experience, as further
`
`detailed in his C.V. Ex. 1003; see also Ex. 1002, ¶¶4-17. This petition
`
`includes and incorporates the material from Dr. Blaze’s declaration,
`
`including the invalidity analysis presented below, referring back to Dr.
`
`Blaze’s declaration where appropriate.
`
`6
`
`

`

`V. BACKGROUND
`A. The ’358 Patent
`The ’358 Patent is broadly directed to an encrypting file system. It
`
`discloses and claims the basic encryption functionality of intercepting a
`
`change or open document command, carrying out an encryption or
`
`decryption process, and then completing the command on an encrypted
`
`or decrypted file. Ex. 1001, Abstract.
`
`The ’358 Patent explains that a number of methods of securing
`
`electronic data, including password protection and firewalls, were known
`
`in the art but had limitations. Id., 2:60-65. The ’358 patent recognized a
`
`significant drawback to existing encryption technology was that it was
`
`cumbersome and difficult to use. Id., 3:15-21. In particular, existing
`
`encryption systems allegedly required users to interrupt their normal
`
`workflow, save their clear text document, activate the separate
`
`encryption software, and save the encrypted text document under a
`
`different name. Id., 3:62-66. Accordingly, the ’358 patent purports to
`
`disclose a document encryption/decryption system that solves these
`
`problems and “works with minimal disruption of a user’s normal
`
`workflow.” Id., 4:15–19.
`
`7
`
`

`

`
`
`
`
`
`
`
`
`encryptinstem for erward sysTThe discloosed systeem is a straightfor
`
`
`
`
`
`
`
`g
`
`
`
`and deecrypting documennts by usinng an enccryption kkey. Figuure 5 (beloow)
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`is a flowchart off the decrryption prrocess in aaccordannce with thhe inventtion:
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`AAfter the uuser submmits to auuthenticaation (e.g.,, providess a user IID
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`and paassword), the user selects a documennt to openn, which ggeneratess an
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`“open” command from thhe systemm. Ex. 100
`
`
`
`
`
`
`
`
`
`1, 8:58–667. The “crrypto servver”
`
`8
`
`

`

`(i.e., the software module that encryptions the documents) traps the open
`
`command and determines whether the document being opened requires
`
`decryption. Id., 9:1–7. If not, the document opens normally, or results in
`
`an error command. Id., 9:8–14. If the document requires decryption, the
`
`crypto server obtains a decryption key name from the document header
`
`or an encrypted file table and uses this decryption key name to retrieve a
`
`decryption key value from a second table. Id., 9:15–26. Using this
`
`decryption key value, the crypto server decrypts the document, passes
`
`control to the system and the document is opened. Id., 9:28–34.
`
`The remaining disclosure in the ’358 patent is directed toward
`
`describing well-known encryption techniques running on a general
`
`purpose computer connected to a typical computer network circa 1998.
`
`See, e.g., id., Figs. 1, 2.
`
`B. File History
`
`The ’358 patent issued from Application No. 10/658,246 (the “’246
`
`application”), filed September 8, 2003. The ’246 application is a
`
`continuation-in-part of Application No. 09/259,991 (the “’991
`
`application”), filed on March. 1, 1999, now U.S. Pat. No. 6,981,141 (“the
`
`’141 patent”). The ’991 Application is a continuation-in-part of
`
`9
`
`

`

`Application No. 09/074,191 (the “’191 application”), filed on May 7, 1998,
`
`now U.S. Pat. No. 6,185,681 (the “’681 patent”). The ’681 patent was the
`
`subject of ex parte reexamination request no. 90/006,529, filed February
`
`10, 2003. Ex. 1011. During reexamination, the claims were rejected a
`
`number of times, including under CFS I, Chan and several other pieces
`
`of prior art. After numerous amendments and a telephonic conference,
`
`certain claims, as amended, were allowed. Id., 84-86. A reexamination
`
`certificate followed shortly thereafter. Id., 1-4.
`
`On April 11, 2006, the applicant filed an amendment and request
`
`for reconsideration whose primary purpose was to swear behind
`
`Brundrett. Ex. 1010. On May 3, 2006, the patent office issued a notice of
`
`allowance (Id., 29-36) and, on August 22, 2006, the ’358 patent issued.
`
`C. Asserted Claims
`The ’358 patent has 3 independent claims (1, 6 and 11) and 12
`
`dependent claims. Claims1–5 are process claims; claims 6–15 are product
`
`claims.
`
`Claims 1, 6, and 11 of the ’358 patent are the independent claims of
`
`the patent and largely contain the same elements. For example, the
`
`independent claims require (1) documents with names, (2) a first table
`
`10
`
`

`

`containing key names and document names, (3) detection of an open or
`
`close command, (4) determination of whether a document needs to be
`
`decrypted or encrypted, (5) retrieving key names associated with the
`
`document name from a first table, then key values associated with a key
`
`name from a second table, and ( 6) encrypting or decrypting the document.
`
`Claim 1 differs from Claims 6 and 11 because it claims a “crypto
`
`server” as opposed to the “program code” described in Claims 6 and 11. The
`
`“crypto server” is the program code that performs the encryption and
`
`decryption. See Ex. 1001, 7:8–11. Claim 11 differs from claims 1 and 6 by
`
`claiming the detection of a “close” command followed by encryption of the
`
`documents, rather than detection of an “open” command followed by
`
`decryption.
`
`The remaining dependent claims add minor limitations (such as
`
`encrypting using a DES algorithm or storing the second table (containing
`
`the encryption key) on a smart card). These claims are reproduced below:
`
`
`1[1.0]
`1[1.1]
`1[1.2]
`
`Claim Limitation
`A process of decrypting documents comprising:
`providing plural documents having respective names
`providing a crypto server for causing documents to be
`decrypted
`
`11
`
`

`

`1[1.3]
`
`1[1.4]
`
`1[1.5]
`
`1[1.6]
`
`1[1.7]
`1[1.8]
`
`1[1.9]
`
`1[1.10]
`2
`
`3
`
`providing a first table having the names of encrypted
`documents
`for each of the names of encrypted documents in the first
`table, a key name associated with a decryption key value
`for the encrypted document.
`detecting an open command for a given document issuing
`from a user of an application program using a user input
`device
`in response to the open command, the crypto server using
`the first table to determine if the given document should
`be decrypted
`if the given document should be decrypted, then
`retrieving the key name associated with the name of the
`given document from the first table
`retrieving the decryption key value associated with the
`key name from a second table, the second table having at
`least one decryption key value
`causing the given document to be decrypted
` The process of decrypting documents of claim 1 further
`comprising providing an electronic document
`management system comprising a SQL database, a SQL
`database server and a SQL database client, wherein the
`electronic document management system performs the
`detecting step.
`The process of decrypting documents of claim 1 further
`comprising providing a database, the database including
`an indicator of whether the documents should be
`decrypted if the indicator in the database does not
`indicate that the given document is to be decrypted,
`determining that the document should not be decrypted.
`
`12
`
`

`

`4
`
`5
`
`6[6.0]
`
`6[6.1]
`
`6[6.2]
`
`6[6.3]
`
`6[6.4]
`
`6[6.5]
`
`6[6.6]
`6[6.7]
`
`6[6.8]
`
`6[6.9]
`7
`
`The process of decrypting documents of claim 1 further
`comprising decrypting the given document with a DES
`algorithm.
`The process of decrypting documents of claim 1 wherein
`the second table is stored in a smart card.
`A computer program product comprising a computer
`usable medium having computer readable program code
`embodied therein for decrypting documents, the program
`code for causing a processor to
`cause plural documents to be decrypted, the documents
`having respective names
`record in a first table the names of the encrypted
`documents
`for each of the names of encrypted documents in the first
`table, a key name associated with a decryption key value
`for the encrypted document
`detect an open command for a given document issuing
`from a user of an application program using a user input
`device
`in response to the open command use the first table to
`determine if the given document should be decrypted
`if the given document should be decrypted, then
`retrieve the key name associated with the name of the
`given document from the first table
`retrieve the decryption key value associated with the key
`name from a second table, the second table having at least
`one decryption key value
`cause the given document to be decrypted.
`The computer program product of claim 6, the program
`13
`
`

`

`10
`
`11[11.5]
`
`8
`
`9
`
`code further for causing the processor to decrypt the given
`document with a DES algorithm.
` A general purpose computer system comprising the
`computer program product of claim 6.
` The computer program product of claim 6, the program
`code further for causing the processor to obtain decryption
`key values from a portable data storage device.
`The computer program product of claim 6 wherein the
`second table is stored in a smart card.
`11[11.0] A computer program product comprising a computer
`usable medium having computer readable program code
`embodied therein for encrypting documents, the program
`code for causing a processor to
`11[11.1] cause plural documents to be encrypted, the documents
`having respective names
`11[11.2] record in a first table the names of the encrypted
`documents
`for each of the names of encrypted documents in the first
`table, a key name associated with an encryption key value
`for the encrypted document
`11[11.4] detect a close command for a given document issuing from
`a user of an application program using a user input device
`in response to the close command use the first table to
`determine if the given document should be encrypted
`11[11.6]
`if the given document should be encrypted, then
`11[11.7] retrieve the key name associated with the name of the
`given document from the first table
`11[11.8] retrieve the encryption key value associated with the key
`name from a second table, the second table having at least
`14
`
`11[11.3]
`
`

`

`one encryption key value and at least one key name
`respectively associated with a one of the encryption key
`values
`11[11.9] cause the given document to be encrypted.
`12
`The computer program product of claim 11, the program
`code further for causing the processor to encrypt the given
`document with a DES algorithm.
`A general purpose computer system comprising the
`computer program product of claim 11.
`The computer program product of claim 11, the program
`code further for causing the processor to obtain encryption
`key values from a portable data storage device.
`The computer program product of claim 11 wherein the
`second table is stored in a smart card.
`
`13
`
`14
`
`15
`
`
`VI. THE PERSON OF ORDINARY SKILL IN THE ART
`The ’358 patent is in the field of data encryption in document
`
`management systems. “[E]ncryption is the process of scrambling data
`
`utilizing a mathematical function called an encryption algorithm, and a
`
`key that affects the results of this mathematical function.” Ex. 1001,
`
`3:22–24. The basic encryption concepts and solutions identified by the ’358
`
`patent were well known in the art prior to 1998. Id., 3:15–21. Dr. Blaze
`
`provides further details on the technology background in his declaration.
`
`Ex. 1002, §VII.
`
`15
`
`

`

`A person of ordinary skill in the art (“POSITA”) at the time of the
`
`purported invention (May 7, 1998) would typically have at least a
`
`bachelor’s degree in computer engineering, computer science, electrical
`
`engineering, or a closely related degree. A POSITA would also have two or
`
`more years of working experience or additional studies in the area of data
`
`encryption and file management systems. This description is approximate,
`
`and a higher level of education or skill might make up for less experience,
`
`and vice-versa. Ex. 1002, ¶60.
`
`VII. CLAIM CONSTRUCTION
`Pursuant to 37 C.F.R. § 42.100(b), the claim terms in this IPR “shall
`
`be construed using the same claim construction standard that would be
`
`used to construe the claim in a civil action under 35 U.S.C. 282(b)… .”
`
`Claim terms must be given “the meaning that the term would have to a
`
`person of ordinary skill in the art in question at the time of the invention.”
`
`Phillips v. AWH Corp., 415 F.3d 1313 (Fed. Cir. 2005) (en banc).
`
`BlackBerry has not identified any terms it believes require
`
`construction in this proceeding. The terms in the ’358 patent should
`
`therefore be accorded their plain and ordinary meaning herein. BlackBerry
`
`believes the plain and ordinary meaning (as understood by a POSITA in
`
`16
`
`

`

`view of the record) is consistent with BlackBerry’s proposed constructions
`
`in the co-pending district court litigation. See Ex. 1013. BlackBerry
`
`reserves the right to present express constructions of any of the ’358 patent
`
`claims at a later time in subsequent proceedings, which interpretation may
`
`differ, in whole or in part, from those presented herein.
`
`VIII.
`
`IDENTIFICATION OF HOW THE CHALLENGED CLAIMS
`ARE UNPATENTABLE
`Pursuant to Rule 42.104(b)(4)–(5), this section demonstrates that the
`
`challenged claims are unpatentable.
`
`A. Ground 1: Claims 1, 3–15 are obvious over Johnson in
`view of McDonnal.
`Johnson was cited in the ’358 Patent file history, in the Jan. 18,
`
`2006 office action as “prior art made of record and not relied upon” but
`
`“considered pertinent to applicant’s disclosure.” Ex. 1010, 408. The
`
`Examiner stated: “Johnson [ ] discloses an encryption file system in
`
`which the processing device authenticates the storage device to
`
`determine if the storage device is authorized to operate with the
`
`processing device.” Id., 408.
`
`Johnson is directed to a system “which implements unique
`
`recognition and comprehension methodologies to verify party identities
`
`and to ensure session security.” Ex. 1004, 1:6–10. In particular, Johnson
`17
`
`

`

`
`
`providees for a processingg device, aa storage device, aand a provvider devvice.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Id., 2:114-19. “[TT]he proceessing devvice and tthe storagge device
`
`
`
`
`
`
`
`
`
`
`
`
`
` couple too
`
`
`
`each otther to form an overall userr device [[that] estaablishes aa link witth
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`the proovider devvice to communicaate with aa particullar providder.” Id.
`
`
`
`
`
`
`
`
`
`
`
`
`
`,
`
`shows th
`2:20–24. Fig. 1
`
`
`
`
`e basic coonfiguratiion of Johhnson (shhowing
`
`
`
`
`
`
`
`
`
`processsing devicce 12, stoorage deviice 14, usser devicee 16 and pprovider
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`device 18):
`
`
`
`
`
`TTo ensure security of the commmunicaations bettween devvices, “daata
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`stored on the sttorage devvice is encrypted, aand inforrmation trransferreed
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`betweeen the useer and provider deevices is aalso encryypted.” IId., 2:43––46.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Either the proceessing device (UASS 12) or tthe storagge device (EKE 14))
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`may sttore the data encryyption moodules. Id
`
`
`
`
`
`
`
`
`
`
`
`
`
`., 7:60–611, 20:29–331. As parrt of
`
`18
`
`

`

`
`
`
`
`
`
`
`
`eferably tion is pre informatthe enccryption pprocess, ““a table 370 of file
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`maintaained withhin file 152” for eaach manaaged dataa file 154––164. Id.,
`
` six
`
` e
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`26:35––36. “For eeach of thhe managed data fiiles 154–1164, 170, there are
`
`
`
`correspponding pparameters: (1) a ffile name;; (2) a filee address
`
`
`
`
`
`
`
`
`
`
`
`
`
`identiffication coode; (4) a file statuus; (5) an operationnal key fi
`
`
`
`
`
`
`
`
`
`
`
`
`
`; (3) a filee
`
`
`
`le name; and
`
`
`
`(6) a fille referennce code.”” Id., 26:336–40: FFig. 8b bellow showws table 3770
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`after innitializatiion:
`
`
`
`
`
`TThe user oopens thee data filees by provviding a kkey code.
`
`
`
`
`
`
`
`
`
`
`
`
`
`Ex. 1004
`
`,
`
`
`
`11:67––12:9, 26:227–29. Thhis key coode is preeferably uused to deecrypt thee
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`files. Idd., 27:32––36; 38:177–37. 27:113–16, 388:17–21. AAlthough some file
`
`
`
`
`
`
`
`
`
`
`
`
`
`s on
`
`19
`
`

`

`EKE 14 are unencrypted, the managed data files in the table are
`
`typically encrypted. Id., 21:66–22:1.
`
`To decrypt the files in table 370, the processor selects an
`
`operational key file name to associate with the file. Id., 26:33–59. Once
`
`selected, the operational key file name is stored in table 370 and is used
`
`to retrieve an operational key code from a second table. Id., 26:64–67.
`
`This key code is used to decrypt the associated data files. Id., 26:22–33;
`
`27:26–32.
`
`McDonnal is directed to a system for automatic decryption and
`
`re-encryption of file data on a per-use basis within the context of a
`
`multi-threaded operating system under which applications run in
`
`real-time. Ex. 1009, Title. The system of McDonnal includes features
`
`such as decrypting as needed in response to intercepted file-OPEN
`
`request and encrypting as needed in response to intercepted file-CLOSE
`
`requests. Id., Abstract. Further, McDonnal discloses that these
`
`file-OPEN and file-CLOSE requires are issued by an authorized source
`
`(e.g., an authorized user). Id., 6:10-20.
`
`A limitation-by-limitation analysis demonstrating that claims 1
`
`and 3–15 are obvious over Johnson in view of McDonnal follows.
`
`20
`
`

`

`Claim [1.0]: A process of decrypting documents
`
`
`Johnson teaches that the UAS includes data encryption modules
`
`56. Id., 7:60–8:10. Modules 56, when executed by processor 30, encrypt
`
`and decrypt data according to a selected algorithm. Id. For example,
`
`Johnson states “[i]n the UAS 12 shown in FIG. 2a, the
`
`encryption/decryption function is performed by having processor 30
`
`execute the encryption modules 56 stored in the non-volatile memory 38.”
`
`Further, Johnson discloses an alternative embodiment in Fig. 2b, where
`
`UAS 12 is divided into two component blocks: (1) a standard hardware
`
`block 80 and (2) a software block 82, comprising the control programs
`
`and the data. Id., 8:53–63. Software block 82 includes encryption module
`
`100, which provides all the same functionality as encryption block 56. Id.,
`
`9:8–14.
`
`Johnson also discloses that before parameters can be used in
`
`actual operation, they first need to be decrypted. Id. 19:20–25. A flow
`
`diagram for this decryption logic is illustrated in Fig. 4f. Id., Fig. 4f.
`
`Claim [1.1]: providing plural documents having respective
`names
`
`
`Johnson teaches “for each of the managed data files 154–164, 170
`
`there are six corresponding parameters: (1) a file name; (2) a file
`21
`
`

`

`address; (3) a file identification code; (4) a file status; (5) an operational
`
`key file name; and (6) a file reference code.” Id., 26:36–40. The data files
`
`(i.e., plural documents) have corresponding file names (i.e., respective
`
`names).
`
`Claim [1.2]: providing a crypto server for causing documents to
`be decrypted
`
`
`Johnson discloses crypto servers including encryption module 56,
`
`encryption module 100, and decryption logic 62. Johnson explains that
`
`“[i]n the UAS 12 shown in FIG. 2a, the encryption/decryption function is
`
`performed by having processor 30 execute the encryption modules 56
`
`stored in the non-volatile memory 38.” In an alternative embodiment of
`
`UAS 12 in Fig. 2b, UAS 12 is divided into two component blocks: (1) a
`
`standard hardware block 80 and (2) a software block 82, which includes
`
`encryption module 100 and functions the same as encryption block 56.
`
`Id., 8:53–63; 9:8-14. Moreover, Johnson also discloses that decryption is
`
`performed by the processor 30 under control of the decryption logic
`
`stored in section 62 of the non-volatile memory 38 each time the UAS is
`
`powered up. Id., 19:20–25.
`
`
`
`22
`
`

`

`Claim [1.3]: providing a first table having the names of
`encrypted documents
`
`
`Johnson discloses this feature because it discloses an “operational
`
`key file name” as a file name for each encrypted document in table 370.
`
`Ex. 1004, Figs. 8a, 8b, 26:36–40.
`
`Claim [1.4]: for each of the names of encrypted documents in the
`table, a key name associated with a decryption key value for the
`encrypted document
`
`
`J