Filed on behalf of: Koninklijke Philips N.V.
`
`Paper No. _____
`Date Filed: March 13, 2018
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`________________
`
`MICROSOFT CORPORATION and MICROSOFT MOBILE INC.,
`Petitioners,
`
`v.
`
`KONINKLIJKE PHILIPS N.V.,
`Patent Owner.
`________________
`
`Case IPR2018-00277
`Patent No. 8,543,819
`________________
`
`PATENT OWNER’S PRELIMINARY RESPONSE
`UNDER 37 C.F.R. § 42.107
`
`TCL Exhibit 1007
`
`

`

`TABLE OF CONTENTS
`TABLE OF AUTHORITIES .................................................................................... iv
`EXHIBIT LIST ......................................................................................................... vi
`I.
`INTRODUCTION ........................................................................................... 1
`II.
`BACKGROUND ............................................................................................. 4
`A.
`The ’819 Patent ..................................................................................... 4
`B.
`The ’819 Patent Claims ....................................................................... 12
`III. APPLIED PRIOR ART ................................................................................. 14
`A. Willey (Ex. 1003) ................................................................................ 14
`B.
`Ishibashi (Ex. 1006) ............................................................................ 19
`C.
`Sims (Ex. 1007) ................................................................................... 23
`PERSON OF ORDINARY SKILL IN THE ART ........................................ 26
`IV.
`CLAIM CONSTRUCTION .......................................................................... 26
`V.
`LEGAL STANDARDS FOR OBVIOUSNESS ............................................ 27
`VI.
`VII. THE BOARD SHOULD DENY INSTITUTION OF
`PETITIONERS’ GROUNDS UNDER 35 U.S.C. § 325(D) ......................... 28
`VIII. GROUND 1: PETITIONERS FAIL TO ESTABLISH THAT
`ANY CHALLENGED CLAIM IS OBVIOUS OVER WILLEY
`AND ISHIBASHI .......................................................................................... 32
`A.
`Petitioners Fail to Establish that Willey Determines
`Whether the Second and Third Signals are identical .......................... 34
`1.
`Petitioners Fail to Establish That Willey
`Compares a Second Signal to a Third Signal ........................... 35
`a.
`Petitioners’ Declarant Acknowledges that
`Willey Compares the Alleged “Third
`
`i
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`B.
`
`C.
`
`E.
`
`B.
`
`b.
`
`2.
`
`3.
`
`4.
`
`Signal” to a “Common Secret,” Not to a
`“Second Signal” .............................................................. 35
`Petitioners’ Mischaracterization of Willey
`Does Nothing to Remedy this Failure ............................ 41
`Petitioners Fail to Establish That Willey
`Compares a Second Signal to Any Signal to
`Determine That the Signals are “Identical” .............................. 46
`Petitioners Fail to Establish That Willey’s Third
`Signal is Generated Using the Common Secret ........................ 47
`Petitioners Fail to Establish That Willey Verifies
`That the Second Signal Was Generated Using the
`Common Secret ......................................................................... 48
`Petitioners Fail to Establish that Willey Discloses Use of
`a “Time Interval” as Claimed .............................................................. 50
`Claim 8: Petitioners Fail to Establish that Willey
`Discloses “Securely Sharing the Common Secret” by
`“Transmitting a Random Generated Bit Word to the
`Second Device” ................................................................................... 56
`Claim 9: Petitioners Fail to Establish that Willey
`Discloses Using the “Common Secret” for “Generating a
`Secure Channel” .................................................................................. 58
`Petitioners Fail to Establish that Ishibashi Discloses
`“Shar[ing] the Common Secret with the Second Device
`… After Having Authenticated the Second Device” .......................... 60
`IX. GROUND 2: PETITIONERS FAIL TO ESTABLISH THAT
`ANY CHALLENGED CLAIM IS OBVIOUS OVER WILLEY
`AND SIMS .................................................................................................... 65
`A. Ground 2 Relies on the Same Disclosure in Willey, and
`Thus Fails for the Same Reasons as Ground 1 .................................... 66
`Petitioners Fail to Establish that Sims Discloses
`“Shar[ing] the Common Secret with the Second Device
`… After Having Authenticated the Second Device” .......................... 67
`ii
`
`D.
`
`TCL Exhibit 1007
`
`

`

`
`
`X.
`
`PETITIONERS’ GROUNDS SHOULD BE DENIED AS
`BEING HORIZONTALLY REDUNDANT ................................................. 70
`XI. CONCLUSION .............................................................................................. 72
`
`
`
`
`iii
`
`TCL Exhibit 1007
`
`

`

`TABLE OF AUTHORITIES
`
`Cases
`Broadsign Int’l, LLC v. T-Rex Property AB,
` IPR2017-00006, Paper 7 (P.T.A.B. Apr. 13, 2017) .....................................68
`Cuozzo Speed Techs., LLC v. Lee,
`136 S. Ct. 2131 (2016) ...................................................................................26
`Goertek, Inc. v. Knowles Elecs., LLC,
` IPR2013-00614, Paper 13 (P.T.A.B. Mar. 7, 2014) .....................................71
`Hospira, Inc. v. Genentech, Inc.,
` IPR2017-00739, Paper 16 (P.T.A.B. July 27, 2017) ....................................28
`Illumina, Inc. v. Trs. of Columbia Univ. in the City of New York,
`Case No. IPR2012-00006, Paper 43 (P.T.A.B. May 10, 2013) ....................72
`Kinetic Techs., Inc. v. Skyworks Solutions, Inc.,
`IPR2014-00529, Paper 8 (P.T.A.B. Sept. 23, 2014) .....................................56
`KSR Int’l Co. v. Teleflex Inc.,
` 550 U.S. 398 (2007)......................................................................................27
`Liberty Mutual Ins. Co. v. Progressive Casualty Ins. Co.,
` CBM2012-00003, Paper 7 (P.T.A.B. Oct. 25, 2012) ............................ 70, 71
`Neil Ziegman, N.P.Z., Inc. v. Stephens,
` IPR2015-01860, Paper 11 (P.T.A.B. Feb. 24, 2016) ...................................30
`Synopsys, Inc. v. Mentor Graphics Corp.,
`IPR2012-00041, Paper 16 (P.T.A.B. Feb. 22, 2013) ....................................27
`Toyota Motor Corp. v. Am. Vehicular Sciences LLC,
` IPR2013-00423, Paper 14 (P.T.A.B. Jan. 13, 2014) ....................................72
`Unified Patents Inc. v. Berman,
` IPR2016-01571, Paper 10 (P.T.A.B. Dec. 14, 2016) ............................ 30, 31
`Rules & Statutes
`37 C.F.R. § 42.1 .......................................................................................................28
`
`iv
`
`TCL Exhibit 1007
`
`

`

`
`
`37 C.F.R. § 42.100(b) ..............................................................................................26
`37 C.F.R. § 42.100(b) .............................................................................................. 26
`37 C.F.R. § 42.104(b)(4) ................................................................................... 27, 67
`37 C.F.R. § 42.104(b)(4) ................................................................................... 27, 67
`35 U.S.C. § 312(a)(3) ........................................................................................ 65, 67
`35 U.S.C. § 312(a)(3) ........................................................................................ 65, 67
`35 U.S.C. § 325(d) ........................................................................................ 2, 28, 31
`35 U.S.C. § 325(d) ........................................................................................ 2, 28, 31
`
`
`
`
`
`
`
`V
`
`v
`
`TCL Exhibit 1007
`
`TCL Exhibit 1007
`
`

`

`
`
`EXHIBIT LIST
`
`Exhibit
`2001
`
`Description
`ENCYCLOPEDIA OF ELECTRONICS 347 (1st ed. 1985)
`
`2002
`
`IBM DICTIONARY OF COMPUTING 133, 530, 544 (10th ed. 1993)
`
`
`
`vi
`
`
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`Koninklijke Philips N.V. (“Patent Owner”) submits this Preliminary
`
`
`
`Response to the Petition of Microsoft Corp. and Microsoft Mobile Inc.
`
`(collectively, “Petitioners”) seeking inter partes review (“IPR”) of U.S. Patent No.
`
`8,543,819 (“the ’819 patent”).1
`
`I.
`
`INTRODUCTION
`Patent Owner respectfully requests that the Board deny the IPR Petition
`
`against the ’819 patent, as Petitioners have failed to establish a reasonable
`
`likelihood that they will prevail on any claim.
`
`Petitioners propose two obviousness grounds, both of which rely on the
`
`same primary reference—U.S. Patent No. 7,516,325 (“Willey”). Ground 1 applies
`
`Willey in view of European Patent App. No. EP 1100035A (“Ishibashi”) and
`
`Ground 2 applies Willey in view of U.S. Patent No. 6,550,011 (“Sims”).
`
`As an initial matter, the Examiner considered Willey at length during
`
`prosecution of the ’819 patent. While secondary references Ishibashi and Sims
`
`were not referenced directly in the prosecution history, Petitioners apply those
`
`
`1 The Petition does not identify Acer or ASUS as real-parties-in-interest (RPIs).
`
`However, Microsoft intervened in litigations involving the ’819 patent on their
`
`behalf, and both Acer and ASUS are time barred. Patent Owner reserves the right
`
`to dispute the RPI identification.
`
`
`
`- 1 -
`
`TCL Exhibit 1007
`
`

`

`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`references in substantially the same manner as the Examiner applied other similar
`
`references during prosecution. The Board should exercise its discretion to
`
`terminate this proceeding under 35 U.S.C. § 325(d), as both grounds asserted in
`
`this Petition rely upon “the same or substantially the same prior art or arguments”
`
`that were previously “presented to the Office.”
`
`Regardless, Petitioners fail to establish that Willey teaches several elements
`
`of the challenged claims. For example, with respect to independent claims 1 and
`
`10, Willey does not suggest (i) determining whether a second and third signal are
`
`identical, or (ii) checking whether a round trip time is within a “predetermined
`
`interval.” For dependent claim 8, Willey fails to suggest “securely sharing the
`
`common secret” by transmitting a random generated bit word to the second device.
`
`For dependent claim 9, Willey fails to suggest using a common secret to generate a
`
`secure channel between devices.
`
`With respect to the recitation in claims 1 and 10 of determining whether a
`
`second and third signal are identical, not only are the signals in Willey that
`
`Petitioners identify as second and third signals not compared to each other, but
`
`they are not identical. While the Petition obfuscates on this point, buried in
`
`Petitioners’ proffered declaration is an admission of this very failure. Petitioners’
`
`declarant compared Willey to the ’819 patent as follows:
`
`- 2 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`
`
`Ex. 1009, ¶¶ 172-73 (annotated). As can be seen, Willey compares the alleged
`
`third signal (S3) to the common secret (C), not the alleged second signal (S2). This
`
`is because Willey operates in a fundamentally different manner from the ’819
`
`patent, as discussed in detail below. Additionally, the third signal (S3) results from
`
`an XOR operation involving the first and second signals (S1 and S2).
`
`Consequently, Willey’s alleged third signal (S3) is different from—and certainly
`
`not identical to—its alleged second signal (S2).
`
`Petitioners do not even allege that either secondary reference—Ishibashi or
`
`Sims—remedy this failure of Willey, nor could they. Further, while Petitioners
`
`rely on Ishibashi and Sims for other limitations, such as generally “sharing the
`
`common secret,” those references do not disclose what Petitioners allege. Instead,
`
`Ishibashi and Sims describe no more than basic authentication procedures that
`
`involve the transmission of information that bears no relation to the common
`
`
`
`- 3 -
`
`TCL Exhibit 1007
`
`

`

`
`secret, as claimed. Because these failures permeate all of the challenged claims,
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`Petitioners have failed to meet their burden to support institution on either ground.
`
`II. BACKGROUND
`A. The ’819 Patent
`The ’819 patent claims a novel and inventive method, device and system for
`
`securely sharing protected content between two devices.
`
`As the distribution of digital media became popular in the late 1990s and
`
`early 2000s, many attempts to protect the media against unauthorized copying and
`
`pirating arose. Ex. 1001, 1:16-28. Such protections were particularly important
`
`for digital media (as compared to analog media), because it was easier and faster to
`
`copy digital media, without any appreciable loss of quality. Id., 1:25-40. To
`
`mitigate such unauthorized copying, certain copy protections were often applied to
`
`data storage devices (such as CDs, DVDs, and the like). Id.
`
`However, additional risks existed when transferring digital data between
`
`devices, such as over the internet. While various methods for encrypting digital
`
`data helped reduce the chance that the data would be intercepted and accessed,
`
`there remained a significant risk that unauthorized devices could trick (or “spoof”)
`
`the transmitting device into providing the protected content, despite such
`
`precautions. Id., 1:41-2:9. This is because, unlike media stored on a device, data
`
`being transmitted is not localized to a specific, protected area, and the transmission
`
`
`
`- 4 -
`
`TCL Exhibit 1007
`
`

`

`
`often takes place via publicly accessible networks (such as the Internet).
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`Consequently, transmitted data can be intercepted by an unauthorized party
`
`without the content provider’s knowledge. Thus, it has been important that a
`
`transferring device be able to authenticate a receiving device, and ensure that
`
`transmission of protected content occur in a secure manner, while at same time
`
`allowing the legitimate receiver to enjoy the protected content in a full and fair
`
`manner.
`
`For instance, a particular user may purchase a copyright-protected movie to
`
`watch on his/her television, but later might like to watch the same movie on
`
`another device (such as his/her laptop computer). If the movie is contained on a
`
`DVD, this would simply require changing the device on which the DVD was
`
`played. However, if the user instead wishes to electronically transfer the movie to
`
`a laptop computer, additional precautions would be necessary. Before the content
`
`provider allows the user to transfer the movie to the other device, it would want to
`
`ensure that transfer is being made to the same user that purchased the movie, that
`
`the movie is being shared in a permitted manner, and that no unintended party
`
`could access the movie as it is being shared between the user’s devices.
`
`Early attempts to address these concerns included use of distance-bound
`
`protocols, where a distance measurement between two devices sharing content was
`
`made based on a time measurement using a challenge and response bit, along with
`- 5 -
`
`
`
`TCL Exhibit 1007
`
`

`

`
`use of a commitment protocol. Id., 2:1-9. However, this type of scheme did not
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`allow authenticated device compliancy testing, and was not efficient where mutual
`
`authentication was required. Id.
`
`Another known method was public key cryptography, where public and
`
`private keys are used to encrypt and decrypt information exchanged between the
`
`devices. See Ex. 2002 at 530, 544. In public key cryptography, each device has its
`
`own public key (Kp) and its own private key (Ks), where the public key is shared
`
`with other parties, but the private key is held privately on the device itself, and not
`
`shared with others. See id. Information that is encrypted using a device’s public
`
`key can be decrypted using that same device’s private key. Id. at 544. For
`
`example, Device 1 may send its public key (Kp1) to Device 2, whereupon Device
`
`2 can encrypt information using Device 1’s public key. When the encrypted
`
`information is transmitted back to Device 1, Device 1 can decrypt it using its own
`
`private key (Ks1) and access the information. However, this type of basic
`
`operation does little to prevent so-called man-in-the-middle attacks, where an
`
`unintended party may intercept a transmitted public key and replace it with its own
`
`public key, so as to gain unauthorized access to the protected content on the
`
`device. Thus, while this process provides a level of security for the information
`
`itself, it does not provide information regarding who is sending the encrypted
`
`information, absent some further verification. Furthermore, because there is no
`- 6 -
`
`
`
`TCL Exhibit 1007
`
`

`

`
`proximity determination in this process, Device 1 would not know whether Device
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`2 is across the street or across the country.
`
`Other verification processes relied on exclusive-OR (or “XOR”) logic
`
`operations, which can be used to compare two digital signals using a logic gate.
`
`See Ex. 2001 at 347. An example of a basic XOR operation is shown below:
`
`
`Id. XOR operations can be used in to perform a variety of functions. For example,
`
`an XOR operation can be used to compare two signal inputs to determine whether
`
`they are the same (or different) signals. In such an operation, the logic gate may
`
`receive two digital signal inputs (A and B), where each signal is a number
`
`comprised of a series of 1’s and 0’s. Id. The logic gate compares the two signals
`
`on a bit-by-bit basis, and an output C is then generated in the manner illustrated in
`
`the table above, such that if the A bit and the B bit are the same, the output C bit is
`
`0, but if the A bit and the B bit are different, the output C bit is 1. Id. Using this
`
`
`
`- 7 -
`
`TCL Exhibit 1007
`
`

`

`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`method, a device can determine whether, for example, a received signal (A) and a
`
`locally-stored signal (B) are the same, and authenticate a device on that basis.
`
`XOR operations can also be used for mixing and extraction functions—
`
`which can be used for encrypting and decrypting operations. For example, the
`
`logic gate may receive two digital signal inputs (“key” A and “random number” B)
`
`and mix those signals in the manner illustrated above to generate an output signal
`
`C, where signal C is an encryption of key A using random number B. In this case,
`
`the XOR operation is not used to confirm identity of the signals, but to create a
`
`new (“C”) signal that indicates the manner in which the random number is
`
`different than the key. That signal C can then be transferred to a different device
`
`which similarly contains an XOR gate and the same random number B. If signal C
`
`and random number B are then input into the XOR gate on the second device, the
`
`mathematical result will be an output of the extracted key A (i.e., a decryption of
`
`key A).2
`
`2 Petitioners incorrectly describe certain XOR operations in the applied prior art as
`
`compare operations. For purposes of this Preliminary Response, Patent Owner will
`
`address Petitioners’ interpretations of the XOR operations. However, Patent
`
`Owner reserves the right to contest Petitioners’ characterizations of the XOR
`
`operations in the applied prior art.
`
`- 8 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`When used for encryption/decryption, XOR operations require that each
`
`
`
`device already contains a shared key or “secret” that can be used to encrypt and
`
`decrypt the information using the logic operation. Thus, they fail to address the
`
`issue of securely transferring protected content to a new device (i.e., a device that
`
`does not already contain a shared secret), or ensuring that the second device is
`
`within a desired proximity of the first device.
`
`The ’819 patent addresses these issues, and discloses an innovative
`
`technique that ensures the secure transfer of protected content from a device on
`
`which the content is stored (first device) to a device requesting the content (second
`
`device), in which (1) the second device is authenticated by reviewing its certificate;
`
`(2) a secret value or “common secret” is securely shared with the just-authenticated
`
`device; (3) a challenge-and-response protocol is carried out to determine whether a
`
`signal received from the second device is identical to a signal that is generated on
`
`the first device using the common secret (thereby verifying the second device), and
`
`(4) the challenge-and-response protocol is also used to determine whether the
`
`second device resides within a limited proximity of the first device. See Ex. 1001,
`
`1:59-2:12; 2:31-55; 3:10-33; 5:63-6:26. All four steps must be completed
`
`successfully before the protected content is shared. See id., Claims 1, 10.
`
`The technique is illustrated in Figure 3:
`
`
`
`- 9 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`Id., Fig. 3 (annotated); 5:63-6:26. With respect to the signals exchanged during the
`
`claimed process, Figure 3 can be simplified as follows:
`
`
`
`
`
`- 10 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`
`
`
`
`In the process illustrated above, the first and second devices already have
`
`securely exchanged a common secret following the first device’s verification of the
`
`second device’s certificate. Id., 5:63-67; Claims 1, 10. To begin the process, the
`
`first device transmits a “first signal” to the second device. Id., 5:67-6:2. After the
`
`second device receives the “first signal,” it modifies the signal using the locally-
`
`stored “common secret” to generate a “second signal,” which is then transmitted
`
`back to the first device. Id., 6:2-6. The first device likewise performs the same
`
`operation by modifying the first signal with its own locally-stored “common
`
`secret” to generate a “third signal.” Id., 6:7-13. The first device then compares the
`
`locally-generated “third signal” with the “second signal” received from the second
`
`
`
`- 11 -
`
`TCL Exhibit 1007
`
`

`

`
`device—if the signals are “identical,” then the received signal is authenticated, and
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`can be used for the proximity determination. Id., 6:13-19; Claims 1, 10.
`
`
`
`To perform the proximity determination, the first device generates a “round-
`
`trip time,” which is the difference in time between transmission of the first signal
`
`to the second device, and reception of the second signal from the second device.
`
`Id., 5:7-10; 6:24-26; Claims 1, 10. Then the first device checks whether the round
`
`trip time is within a predetermined time interval, and if the round trip time is
`
`within that interval, the devices are determined to be sufficiently close to each
`
`other, and the second device receives access to the content stored on the first
`
`device. Id., Claims 1, 10.
`
`This process provides an innovative way of ensuring that the protected
`
`content is shared with a sufficiently-near, authorized device, while minimizing the
`
`risk of unauthorized access.
`
`The ’819 Patent Claims
`B.
`The challenged claims of the ’819 patent recite a method and device for
`
`permitting access to protected content stored on a device based on authentication,
`
`signal verification and device proximity. The ’819 patent contains 16 claims (4
`
`independent). Petitioners challenge 10 of those 16 claims—specifically,
`
`independent claims 1 and 10, dependent claims 2-3, 5-9, and 11. Independent
`
`claim 1 is representative, with the greatest points of contention emphasized:
`
`
`
`- 12 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`1. A method of determining whether protected content stored on a
`first communication device are accessed by a second communication
`device, the method comprising the step of:
`
`performing a round trip time measurement between the first
`communication device and the second communication device, said
`round trip time measurement comprising:
`
`transmitting a first signal to the second device at a first time;
`
`receiving a second signal from the second device at a second
`time,
`
`generating a third signal using a common secret;
`
`determining whether said second signal and said third signal
`
`are identical to verify that the second signal was generated
`using the common secret;
`
`generating the round trip time as a difference between said first
`time and said second time;
`
`checking whether the round trip time is within a predefined
`
`interval, and allowing access of the protected content provided
`
`that the round trip time is within the predefined interval, said
`
`second signal and said third signal are identical and the
`second device is authenticated,
`
`wherein:
`
`the first device authenticates the second device by:
`
`receiving a certificate of said second device;
`
`- 13 -
`
`
`
`
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`verifying that the certificate of said second device identifies
`said second device as complying with a set of predefined
`compliance rules, and
`
`the first device securely shares the common secret with the
`
`second device according to a key management protocol
`after having authenticated the second device.
`
`Independent claim 10 recites a communications device that includes
`
`the means required to perform the method recited in claim 1.
`
`III. APPLIED PRIOR ART
`A. Willey (Ex. 1003)
`Willey is directed primarily to a process of wirelessly pairing a mobile
`
`phone with a headset, so that a user can, for example, listen to telephone calls
`
`through the headset. See Ex. 1003, Abstract; 6:10-26; Figs. 5-8. This process
`
`assumes that the user controls both devices, and describes the user taking an active
`
`part in the pairing process.
`
`
`
`
`
`- 14 -
`
`TCL Exhibit 1007
`
`

`

`
`See id., Fig. 5.
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`For example, Willey describes a “pairing procedure” between a phone and a
`
`headset, where a user first “initiates a wireless communication link” (e.g., a
`
`Bluetooth connection), and then simultaneously looks at a series of digits
`
`“displayed by a display” of the phone, and listens to a set of digits “announced …
`
`via the speaker” of the headset. Ex. 1003, 6:27-7:14; 8:29-46. If the digits
`
`displayed on the phone are the same as the digits announced via the speaker, then
`
`the user can verify that the phone and headset are correctly paired. Id.
`
`Willey also describes an additional embodiment (on which Petitioners rely),
`
`where a user establishes a “link key … between two devices” (e.g., PDAs). Id.,
`
`12:50-57; 13:29-52; Fig. 11.
`
`
`
`
`
`- 15 -
`
`TCL Exhibit 1007
`
`

`

`
`In this embodiment, Willey states that the pairing requires the devices be “adjacent
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`to each other in such a way that sound from the speaker of PDA 200 [is] readily
`
`detectable by the microphone of PDA 1010 and vice versa,” typically “within one
`
`foot” of each other. Id., 12:57-62.
`
`Once the devices are so positioned, Willey describes a key exchange process
`
`where certain signals are exchanged between the devices in order to determine
`
`whether pairing should take place. Id., 13:29-52. This signal exchange is
`
`illustrated below, with Petitioners’ alleged signal identifications in quotes3:
`
`
`3 Patent Owner does not concede that Petitioner’s signal identifications are correct.
`
`However, for purposes of this Preliminary Response, Patent Owner relies upon
`
`Petitioners’ signal identification to show that the Petition fails even accepting
`
`Petitioners’ identification of respective signals.
`
`
`
`- 16 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`
`
`In this key exchange process, each device computes two separate “antispoof
`
`variables” (the alleged “common secret”) based on a shared secret. Id., 13:29-33.
`
`The first device then sends a “random number” (the alleged “first signal”) to the
`
`second device. Id., 13:39-46. The second device modifies the random number
`
`with its own antispoof variable to generate a “response” (the alleged “second
`
`signal”), which is then transmitted back to the first device. Id., 13:46-66.
`
`After the first device receives the response, it “take[s] the XOR of the
`
`response bit [the alleged second signal] with the random bit to which the response
`
`bit is a response [the alleged first signal] and verifies that it is the same as the
`
`appropriate bit of the antispoof variable [the alleged common secret].” Id., 15:28-
`- 17 -
`
`
`
`TCL Exhibit 1007
`
`

`

`
`32. Willey states that, in order to authenticate the second device, the output of the
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`XOR gate (the alleged “third signal”) and the antispoof variable must be
`
`“substantially close to 100%” when compared on a bit-by-bit basis. Id., 15:46-57.
`
`Willey further acknowledges that its process allows for “[a] number of bit errors”
`
`when comparing the XOR output with the antispoof variable, as the antispoof
`
`variables on each device may not be the same. See id.
`
`As part of this process, the transmitted and received signals are used to
`
`generate a distance measurement. In particular, Willey explains that the
`
`authenticating (“first”) device determines a “round trip time” from the time that the
`
`challenge (“first signal”) is transmitted to the time the response (“second signal”)
`
`is received. Id., 15:33-35. The alleged first device “then multiples this time by the
`
`speed of the signal used and divides by two to determine the distance” between
`
`devices. Id., 15:36-38. This can be represented mathematically as: (round trip
`
`time) * (signal speed) / 2 = calculated distance. This calculated distance is then
`
`compared to a “maximum allowed distance” to determine whether the devices are
`
`sufficiently close. Id., 15:38-40. If the calculated distance is within the maximum
`
`allowed distance, the devices can be paired. If not, the pairing process is aborted.
`
`Id., 15:40-46.
`
`
`
`- 18 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`Ishibashi (Ex. 1006)
`B.
`Petitioners rely upon Ishibashi to suggest securely sharing the claimed
`
`“common secret.” The claims recite that the common secret is used to generate the
`
`second and third signals. The claims also recite that the first device securely shares
`
`the common secret with the second device according to a key management
`
`protocol after having authenticated the second device.
`
`In general, Ishibashi is directed to a method and device intended to allow a
`
`user to repurchase media files through additional devices. See Ex. 1006, 1:30-
`
`6:23. In particular, Ishibashi identifies the issue where a user with multiple devices
`
`“must buy content and pay its usage charge for each information processing
`
`apparatus,” where the content is already owned by the user through a first
`
`purchase. Id., 1:20-26. Ishibashi discloses a mutual authentication scheme
`
`intended to allow the user to repurchase the same content at a discounted price, so
`
`that it can be securely accessed by more than one device. Id., 1:5-10; 1:30-6:23.
`
`In particular, Ishibashi describes an electronic music distribution (“EMD”)
`
`system that includes an “EMD service center,” a “content provider,” a “service
`
`provider,” and a “user home network.” Id., 8:38-9:29; Figs. 1-2.
`
`
`
`- 19 -
`
`TCL Exhibit 1007
`
`

`

`
`
`
`
`
`
`Case IPR2018-00277
`U.S. Patent No. 8,543,819
`
`
`
`In the described process, the “content provider” is where the desired
`
`“content” is located, and the “EMD service center” seeks to manage access to that
`
`content. See id., 8:40-46 (“… EMD service center 1 … manages individual pieces
`
`of equipment, content provider 2 that provides content …”); 8:47-9:39; Figs. 1-3.
`
`Ishibashi also explains that, prior to the sharing of content by the content provider,
`
`the content provider and EMD service center must perform a “mutual
`
`authentication” in order to determine whether the respective devices are legitimate.
`
`See Ex. 1006, 30:52-35:23; 8:53-9:9.
`
`Petitioners rely on Ishibashi’s description of the mutual authentication
`
`process set forth in Figure 37 as