Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 1 of 109
`
`Exhibit J
`
`
`
`Exhibit J
`
`
`
`The Accused Instrumentalities include, but are not necessarily limited to, Apple iPhone and Apple iPad compatible with Yale
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 2 of 109
`Smart Locks, and any Apple product or device that is substantially or reasonably similar to the functionality set forth below. The
`Accused Instrumentalities infringe the claims of the "208 Patent, as described below, cither directly under 35 U.S.C. § 271 (a), or
`indirectly under 35 U.S.C. $8 271(b)-(e). The Accused Instrumentalities infringe the claims of the "208 Patent literally and, to the
`extent not literally, under the doctrine of equivalents.
`
`Claim |
`
`|. Asystem for providing|Te fe extent that the preamble is deemed to be a limitation, the Accused Instrumentalities are
`SOCLINE dCCESS tO a
`configured to ose a system in accordance with thix clatws.
`controlled item, the
`system comprising:
`
`august-and-yale-locks|)
`
`More specifically, the controlled item is a locking mechanism ofthe door lock ofthe user's home. The
`Accused Instrumentalities are configured to provide secure access to the user's home via Yale Smart
`Locks when the user provides biometric signal to the Accused Instrumentalities via Touch ID or Face
`ID.
`
`“When the “Secure Remote Access” feature is tuned on,
`
`This further ensures that your door is only operated by the right people at the ime you intend
`
`for it.”
`(https:/us. yalchome.com/en‘yale-news/blog/latest-blog-postsintroducing-biometnc-verification-for-
`
`CPC Ex. 2005 — Page 238
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 3 of 109
`
`= Open
`
`Yale
`
`Q
`
`Introducing Biometric Verification for August and Yale Locks
`
`
`
`(hitps://us-yalehome.com/enyale-ne ws’ blog latest-bloe-posts/introducine-biometric-venfication-lor-
`august-and-yale-locks |)
`
`CPC Ex. 2005 — Page 239
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 4 of 109
`
`
`
`(https: www.apple.com/shop'product'HPARIAM/A/yale-assure-lock-sl-touchsereen-deadboll-black }
`
`CPC Ex. 2005 — Page 240
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`The Accused Instrumentalities compatible with Yale Smart Locks are shown below:
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 5 of 109
`
`Compatibility
`
`iPhone Models
`iPhone 12 Pro
`iPhone 12 Pro Max
`iPhone 12 mini
`iPRone 12
`iPhone 14 Pro
`iPhone 11 Pro Max
`iPhone 11
`
`Phone SE (2nd generation)
`iPhene XS
`IPhone X5 Max
`iPhone XR
`iPhone X
`Phone 8
`iPhone § Plus
`iPhone 7
`iPhone 7 Plus
`
`iPhone 6s
`IPhone 6s Plus
`iPhone SE (1st generation)
`
`signatures;
`
`iPad Medels
`iPad Pro 12.9-inch
`(6th generation}
`iPad Pro 12.9-inchn
`{4th generation)
`iPad Pro 12.9-inch
`(4rd generation)
`iPad Pro 42.9-inch
`(2nd generation}
`ipad Pre 42.9-inch
`(1st generation)
`iPad Pro 14-inch
`(ard generation)
`iPad Pro 71-inch
`{2nd generation}
`iPad Pro 14-inch
`(ist generation)
`iPad Pro 10.5-inch
`iPad Pro 97-inch
`iPad Air (4th generation)
`iPad Aie (3rd generation)
`iPad Air 2
`iPad (@th generation)
`iPad (7th generation)
`iPad (6th generation)
`Fad (th generation)
`iPad mini (Sth generation)
`iPad mini 4
`
`la. a database of biometric|The Accused Instrumentalities include a memory comprising a database of biometric signatures.
`
`hitps://www.apple.com/shop/product/HPAR2ZM/A/yale-assure-lock-sl-touchscreen-deadbolt-black
`
`CPC Ex. 2005 — Page 241
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`More specifically, the iPhone allows multiple biometric signatures to be entered into a database on the
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 6 of 109
`iPhone:
`
`| Toweh 1D
`
`The iPhone allows the registration of multiple fingerprints:
`
`Fig. from hitps://suppor.apple.com/en-us/HT20137) under Manage Touch (D Settings. In the second
`bullet, it literally says:
`
`“Register up to five fingerprints.”
`
`“Touch ID can read multiple fingerprints, and it can read fingerprints in 360-degrees oforventation. It
`then creates a mathematical representation of your fingerprint and compares this to your enrolled
`fingerprint data to identify a match and unlock your device. "
`
`CPC Ex. 2005 — Page 242
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`(https:/supportapple.com/en-us/HT204587)
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 7 of 109
`"Touch (ID can read multiple fingerprints and recognize fingerprints at any orientation ofthe finger
`The system then creates a mathematical representation of your fingerprint and compares it to the
`registered fingerprint data to determine a match and unlock your device.”
`(hittps://support.apple.com/en-us/HT204587)
`
`Face ID
`
`The iPhone allows the registration of multiple taces
`
`To register a face, the iPhonetakes a series of pictures of the user in different poses whilecircling his
`head, This is revealed in detail in https://support.apple.com/en-us/HT208109 in the second section
`_ "ConfigureFaceID", therealso the figureshownabove.
`
`CPC Ex. 2005 — Page 243
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 8 of 109
`To register a second face, the iPhone offers a corresponding option in its settings. If the user selects the
`option "Set up an alternative appearance" as shownin the figure below (from How To Add A Second
`Face To Face ID - Macworld UK; https://www.macworld.co.uk/how-to/second-face-id-3803421/), a
`second face is registered by the iPhone in the same wayasthefirst face.
`
`(https://support.apple.com/de-de/guide/iphone/iph6d162927a/ios)
`
`"Set up Face ID or add another face.
`
`«
`
`Select "Settings" > "Face ID & Code" > "Configure alternate appearance" if you wantto
`configure another face to be recognized by Face [D."
`
`CPC Ex. 2005 — Page 244
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`¢ te
`Face 10 8 Ponaceeie
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 9 of 109
`f —
`ae
`
`<
`PhoewUnie,
`
`1 Anh Swe|@
`
`< <
`
`ie
`
`at ie ae: rhea deerarane
`
`Genet leo EE]
`
`Haque MtientonforFace ED «
`
`The page How To Add A Second Face To Face ID - Macworld UR
`(httips.//www.macworld.co.uk/how-to/second-face-id-3803421/) literally states:
`
`“Face ID is a fast and secure way to unlock your iPhone or iPad Pro, but you may not knowthat you
`can actually set up more than one faee to use the feature.
`
`This second face could belong to a loved one, enabling your partner or child to access your phone
`without requiring your smiling mug to unlock at, ™
`
`To store the biometric signatures ("template data") from the received biometric signals, the iPhone has
`a System on Chip (SOC) called a Secure Enclave. A Secure Enclave Processor provides the Secure
`Enclave with computing power:
`
`CPC Ex. 2005 — Page 245
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`(d., at 16.)
`
`Secure nonvolatile storage
`“The Secure Enclave is equipped with a dedicated secure nonvolatile storage device.
`The secure nonvolatile storage is connected to the Secure Enclave using a dedicated I2C bus, so that it
`can only be accessed by the Secure Enclave.”
`(/d., at 15.)
`
`Adding or removing a Touch ID fingerprint or Face ID face”.
`
`CPC Ex. 2005 — Page 246
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`* °
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 10 of 109
`"The Secure Enclave is a system on chip (SoC)that is included on all recent iPhone, ... devices"
`(Ex. A, Apple Platform Security, at 7.)
`
`"The Secure Enclave is a dedicated secure subsystem integrated into Apple systems on chip (SoCs)."
`(/d., at 9.)
`
`The Secure Enclave Processor provides the main computing powerfor the Secure Enclave."
`(id., at 10.)
`
`"During enrollment, the Secure Enclave processes, encrypts, and stores the corresponding Touch ID
`and Face ID template data.”
`(id., at 19.)
`
`The Secure Enclave has access to a memory assignedto it and accessible only toit:
`
`This memory serves as a database for storing the biometric signatures:
`
`"The secure nonvolatile storage is used for all anti-replay services in the Secure Enclave. Anti-replay
`services on the Secure Enclave are used for revocation of data over events that mark anti-replay
`boundaries including, but not limited to, the following:
`
`
`
`This database is shown in the figure from Apple Platform Secutiry reproduced below:
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 11 of 109
`
`MataSSeer iar anger eLait
`
`peswzts
`
`Seca Lee
`Syeee on ua
`
`Database 105
`(Ex. A, Apple Platform Security, al 4.)
`As se_forth in elements [hd, (42, and [63 below, the Accused [nstrumentalities include a
`
`Ib.a transmitter sub-
`SVSIGM COMprising:
`
`fronsmiffer sub-system,
`
`CPC Ex. 2005 — Page 247
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`The iPhone's Secure Enclave ts a transmitter sub-system. It sends ephemerally re-encrypted file keys to
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 12 of 109
`the application processor withits file system driver (“Application Processor file-system driver”) to
`read the files in the NAND Flash Storage.
`aki Paruts eter aye
`
`TRAM
`
`[eeoeeeiee
`
`(Ex. A, Apple Platform Security, at 9.)
`
`“sepOS can then use the ephemeral wrapping key to wrap file keys for use by the Application
`Processor file-system driver. When the file-svstem driver reads or writes a file, it sends the
`wrapped key to the AES Engine, ”
`(fc, at 14.)
`
`CPC Ex. 2005 — Page 248
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 13 of 109
`‘All wrapped file key handling wocurs in the Secure Enclave; the file key 1s never directly exposed to
`the Application Processor. [...] When the Secure Enclave unwraps a file's keys, they're rewrapped with
`ihe ephemeral key and sent back to the Application Processor.”
`(fd, at 85.)
`
`Che file system driver of the application processor is an WWME driver
`
`ee Te Tg
`
`ela
`
`Pep ed
`
`Pe
`
`FilesystemData Prot
`
`ities|
`
`| (Ex. B, Behind the Scenes with 10S Security, at 30.)
`Ibl. for|The Accesed Jnstrumentatities include a biometric sensor configured to receive a biametric signal.a biometric sensor
`
`
`receiving a biometne
`signal:
`
`More specifically, the iPhone has at beast one biometric sensor for capturing a fingerprint or a face
`(Toweh [and/or Face 1D), namely a Touch 1D sensor and @ camera system wilh image sensor,
`| respectively
`
`CPC Ex. 2005 — Page 249
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 14 of 109
`Touch ID
`
`"Apple devices with a Touch ID sensor can be unlocked using a fingerprint.”
`(Ex. A, Apple Platform Security, at 19.)
`
`(https://appleinsider.com/inside/touch-id
`
`"Touch ID is the fingerprint sensing system that makes secure access to supported Apple devices faster
`and easier. This technology reads fingerprint data from any angle and learns more about a user's
`fingerprint over time, with the sensor continuing to expand the fingerprint map as additional
`overlapping nodesare identified with each use."
`(/d.)
`
`"When the fingerprint sensor detects the touch ofa finger, it triggers the advanced imagingarray to
`scan the finger and sends the scan to the Secure Enclave."
`id.)
`
`The biometric sensor for Touch ED is located below the home button:
`
`"The Home button is a stack of different materials, capped with a sapphire crystal lens. The
`surrounding stainless-steel ring works as a ground and detects the user's finger. This action activates a
`capacitive touch sensor installed underneath the cover: A CMOSchip with smail capacitors."
`
`CPC Ex. 2005 — Page 250
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 15 of 109
`
`| eRetLdenen
`
`pgogee ote ten
`
`is ea
`
`Usage Eu]
`
`Biometnec sensor 12]
`
`“Where is the Touch 1D sensor located?
`
`The Touch 1 sensor is located either in the hone button or - on the iPad Air (4th seneration) - in the top
`button
`
`(hitps:‘supporlapplecomven-us/TIT201 37 1)
`
`| [he image sensor captures an 88-by-88-pixel, S00 PPI raster scan:
`
`| “The &8-by-88-pixel, 500-ppi raster scan is temporanly stored in encrypted memory within the Secure
`Enclave while being vectorized for analysis, and thenit's discarded, The analysis utilizes subdermal
`| ridge flow angle mapping, which is a lossy process that discards minutia data that would be required to
`| reconstruct the user's actual fingerprint. The resulting map of nodes is stored without any identity
`| information in an enery pted format that can only be read by the Secure Enclave, and is never sent to
`
`Apple or backed up to (Cloud or Tunes. ”
`
`"
`
`CPC Ex. 2005 — Page 251
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`(Ex. C, iOS Security white paper, at 8.)
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 16 of 109
`
`Face ID
`
`The biometric sensor for facial biometrics is a camera system ("'TrueDepth camera system") with an
`image sensor.
`
`"With a simple glance, Face ID securely unlocks supported Apple devices. It provides intuitive and
`secure authentication enabled by the TrueDepth camera system, which uses advanced technologies to
`accurately map the geometry of a user's face. ”
`(Ex. A, Apple Platform Security, at 20.)
`
`To receive a biometric signal, the camera system with image sensor reads over 30,000 infrared points
`to capture depth information along with a two-dimensional infrared image.
`
`perform facial biometrics:
`
`"After the TrueDepth camera confirms the presence ofan attentive face, it projects and reads over
`30,000 infrared dots to form a depth mapofthe face along with a 2D infrared image. This data is
`used to create a sequence of 2D images and depth maps, which are digitally signed and sentto the
`Secure Enclave. To counter both digital and physical spoofs, the TrueDepth camera randomizes the
`sequence of 2D images and depth map captures, and projects a device-specific random pattern, A
`portion of the Secure Neural Engine-protected within the Secure Enclave-transformsthis data into a
`mathematical representation and compares that representation to the enrolled facial data. This enrolled
`facial datais itself a mathematical representation of the user's face captured across a variety of poses.”
`(fd)
`
`The camera system includes a biometric image sensor, namely a "CMOS image"sensor from Sony, to
`
`8
`
`CPC Ex. 2005 — Page 252
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 17 of 109
`
`Botivealiqneaeni
`
`altribute; aril Accused Instrumentalities
`
`More specifically, the iPhone's System on Chip (SOC), ie. the Secure Enclave with its Secure Enclave
`Processor (SEP) or a Secure Neural Engine contained therein, is a means (103) to check a match of the
`biometric signal with elements of the biometric signature database.
`
`(https://appleinsider.com/articles/17/09/09) inner-workings-ol-apples-face-id-camera-detailed-in-
`report)
`
`The Accused Instrumentalities include a transmitter controller configured to ecmif a secure access
`sieve convering information dependent ipon said accessihility anriiuge,
`
`1b2. means for matching
`the biometric signal
`against members of the
`database of biometric
`signatures to thereby
`output an accessibility
`
`“The Seewre Enelave is a system on chip (SoC) that is included on all recent iPhone, ... devices”
`(Ex. A, Apple Platform Security, at 7.)
`
`16
`
`CPC Ex. 2005 — Page 253
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`The biometric signal received from the biometric sensor ("Incoming data from the biometric sensor") is
`thus checked by the Secure Enclave and its SEP with the elements of the database of biometric
`signatures 105, i.e. the "stored templates", for the presence of a match.
`
`For Touch ID,the Secure Enclave match verification is performed as follows:
`
`"The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor,
`determining if there is a match againstregistered fingerprints, and then enabling access or purchases on
`behalf of the user...”
`(Ex. C, iOS Security white paper, at 7.)
`
`"During matching, the Secure Enclave compares incoming data from the biometric sensor against the
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 18 of 109
`stored templates to determine whether to unlock the device or respond that a match is valid (for
`Apple Pay, in-app, and other uses of Touch ID and Face ID). “
`(/d., at 19.)
`
`(https://support.apple.com/de-de/HT204587)
`
`"During enrollment, the resulting map of nodesis stored in an encrypted format that can be read only
`by the Secure Enclave as a template to compare against for future matches...."
`(Ex. A, Apple Platform Security, at 19.)
`
`"Touch ID can read multiple fingerprints, and it can read fingerprints in 360-degrees of orientation. It
`then creates a mathematical representation of your fingerprint and comparesthis to your enrolled
`fingerprint data to identify a match and unlock your device. ”
`(https://suppert.apple.com/en-us/HT204587)
`
`"Touch ID can read multiple fingerprints and recognize fingerprints at any orientation of the finger.
`The system then creates a mathematical representation of your fingerprint and comparesit to the
`registered fingerprint data to determine a match and unlock your device."
`
`CPC Ex. 2005 — Page 254
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`For Face ID, the Secure Enclave has a neural network protected byit, i.e., a Secure Neural Engine,
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 19 of 109
`which is used to verify the match:
`
`"Face ID uses neural networks for determining attention, matching, and antispoofing, so a user can
`unlock their phone with a glance."
`(Ex. A, Apple Platform Security, at 20.)
`
`"A portion of the Secure Neural Engine-protected within the Secure Enclave-transformsthis data into a
`mathematical representation and compares that representation to the enrolled facial data. This enrolled
`facial data is itself a mathematical representation of the user's face captured across a variety of poses."
`(id.).
`
`(id. at 19.)
`
`"Facial matching security
`Facial matching is performed within the Secure Enclave using neural networkstrained specifically for
`that purpose... Face ID data, including mathematical representations of a user's face, is encrypted and
`available only to the Secure Enclave. This data never leaves the device."
`(id. at 23.)
`
`When the Secure Enclave, or more precisely the Touch ID or Face ID subsystem within the Secure
`Enclave, has determined that a match exists, an accessibility attribute is issued by the corresponding
`Touch ID or Face ID subsystem. This Touch ID or Face ID subsystem is also referred to as the SBIO.
`The accessibility attribute confirms that there is a match and that the iPhoneis to be unlocked ("...
`determine whether to unlock the device...").
`
`This confirmation of the match is signaled by the SBIO by issuing a random secret to which only the
`Touch ID or Face ID subsystem within the Secure Enclave has access:
`
`“During matching, the Secure Enclave compares incoming data from the biometric sensor against the
`stored templates to determine whether to unlock the device[...]."
`
`CPC Ex. 2005 — Page 255
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`"Uses for Touch ID and Face ID
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 20 of 109
`Unlocking a device or user account
`
`[...] keys for the highest class of Data Protection-which are held in the Secure Enclave[...].
`
`(Id.at 24.)
`
`"The class key is protected with the hardware UID and, for someclasses, the user's passcode."
`(id. at 85.)
`
`With Touch ID or Face 1D enabled, the keys aren't discarded when the device or account locks;
`instead, they're wrapped with a key that's given to the Touch ID or Face ID subsystem inside the
`Secure Enclave. When a user attempts to unlock the device or account, if the device detects a
`successful match, it provides the key for unwrapping the Data Protection keys, and the device or
`account is unlocked. This process provides additional protection by requiring cooperation between the
`Data Protection and Touch ID or Face ID subsystems to unlock the device."
`
`associated with the
`
`"Complete Protection
`
`(NSFileProtectionComplete): The class key is protected with a key derived from the user passcode or
`password and the device UID. Shortly after the user locks a device (10 seconds, if the Require
`Passwordsetting is Immediately), the decrypted class key is discarded, rendering all data in this
`class inaccessible until the user enters the passcode again or unlocks (logs in to) the device using
`Touch ID or Face ID."
`
`(id. at 86.)
`
`The Touch ID or Face [ID subsystem within the Secure Enclave is the SBIO shown below. SBIO is an
`application that runs within the Secure Enclave on the SEP andis responsible for checking the match
`of biometric features. SBIO receives the corresponding biometric data from a biometric sensor, such as
`the Touch ID sensor. The random secret is stored in a memor
`i
`
`CPC Ex. 2005 — Page 256
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`SBIO and is output from the bia memory upon match, see step 3 in the diagram below ("3 upon
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 21 of 109
`
`sucesstul match send random secrel lo SKS"):
`
`(Ex. B, Behind the Scenes with WS Security, at 34.)
`
`5
`
`—
`a
`—
`| ire Chass key Ss Pe CnC v¥pled ui ith ih VGSLEE key
`
`:
`
`CPC Ex. 2005 — Page 257
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 22 of 109
`
`User Keybags
`
`ne)! aah a Le
`
`| ited for i Ta Fete eee eel tate cata al Lae]!
`
`Keys wrapped by master key derived from user passcode and SEP UID
`
`NC MON SMe iOhheee atl Cl se eeReece) a: mdi med ek
`
`Different policy associated with each keybag key—Usage,availability
`
`(fal, at 25,)
`
`The random secret is issued to SKS. SKS is a Secure Key Service application which ts tocated within
`the Secure Enclave on the SEP and is responsible for decrypting class keys. The random secret
`provided by SBIO is used to decrypt a master key ("4) decrypt master key"). The master key is
`concatenated with the UID of the SEP and thus class keys are decrypted and added to the SKS keyring
`("S) decryclass keys, add to keyring’) for further use by the Secure Enclave. The decrypted class
`kevs include, for example, the class key of class A.
`
`1b3. means for emitting a
`SOCUTE aCoCsS signal
`Conveying Inhonmnation
`dependent upon said
`accessibility attribute; and
`
`The Accased fnstramentalities include a fransmitter configured te emi a secure access signal
`conveying information dependent upon said accessibility attribute.
`
`| OF example, the Secure | nclave Cmils A areal with ephemerally re-encrypted tile kerws
`
`“sepOS can then use the ephemeral wrapping key to wrap file keys for use by the Application
`Processor file-system driver, Whenthe file-system driver reads or writes a file, it sends the wrapped
`key tothe AES Engine.”
`
`CPC Ex. 2005 — Page 258
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`(Ex. A, Apple Platfonm Security, at 14.)
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 23 of 109
`"All wrapped file key handling occurs in the Secure Enclave; the file key ts never directly exposed to
`the Application Processor,
`|...] When the Secure Enclave unwraps a file's keys, they're rewrapped with
`the ephemeral key and sent back to the Application Processor.”
`(fa, at 83.)
`
`The signal with the ephemerally re-encrypted file keys is a secure signal because it comes fromthe
`Secure Enclave and thus from a secure environment. Furthennore, the signal is secure because the
`transmitted information is encerypled, The emitted file keys are encrypted « ith the ephemeral key:
`
`“All wrapped file key handling occurs in the Secure Enclave; the file key is never directly exposed to
`the Application Processor, Al startup, the Secure Enclave negotiates an ephemeral key with the AES
`Engine. When the Secure Enclave unwraps a file's keys, they're rewrapped with the ephemeral key and
`sent back to the Application Processor."
`(fa.)
`
`Filesystem Data Protection
`
`Teak HORI eleeaeUSM Rice am el
`
`2
`
`CPC Ex. 2005 — Page 259
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`(Ex. 8, Behind the Scenes with rOS Security, at 29.)
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 24 of 109
`
`Mies)10aelec celta aa(e)e
`
`ae Cy eet
`
`rs
`
`|
`
`ARVPAIE Diner
`]|
`
`|
`
`mia Te |
`ma
`
`ies Biea
`J
`
`(fe. at 30.)
`
`Phe information transmitted by the emitted signal, i.c., the ephemerally re-eneryptedfile keys, is
`dependent on the availability attribute, ic,
`the confirmation that a biometric “template match™ exists
`This confirmation is signaled by the issuance of the randomsecret (ef. step 3): Only if there is a
`confirmation of the match and the random secret is issued by the Touch [D or Face ID subsystem
`within the Secure Enclave, ic. SHO, the class key is available for re-encrypting the file keys.
`
`The re-enerypled file keys are therefore information which is emitted depending on the fact that the
`availability attribute has been emitted.
`
`CPC Ex. 2005 — Page 260
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`lc. arecetver sub-system|As setforth in elements Icl and Ic2 below, the Accused Instrumentalities include a receiver sub-
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 25 of 109
`comprising:
`system,
`
`from the Secure Enclavefor this
`
`The receiver subsystem is the part of the system outside the Secure Enclavethat is responsible for
`reading encryptedfiles from the NAND Flash Storage and receives ephemerally re-encrypted file keys
`
`“4
`
`CPC Ex. 2005 — Page 261
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 26 of 109
`
`Accused [nstrumentalities
`
`THANG
`
`Secure Enclare
`40S Cregee
`
`PKA
`
`i
`
`Secune Entice
`Proceince
`
`g—p Memory Protection
`Eregine
`
`Secure Erclawe:
`
`Syilem en chip
`
`Secure Noweolatile Storage
`
`CPC Ex. 2005 — Page 262
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`(Ex. A, Apple Platform Security, at 9.)
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 27 of 109
`ld, means for reserving
`The Accused Inxtramentalities include a receiver sub-system controller configured to: receive the
`the transmitted secure
`froveunitted secure access signal
`access signal; and
`
`An application processor (118) with tile system dnver, which receives the ephemerally re-cnerypted
`file key. To read files from the NAND Flash storage, the application processor processes the received
`signal by creating a read command with the ephemerally wrapped file key ("10 command with
`ephemerally wrapped tile key") and sends if to the storage controller (10%) (NAD Flash controller
`with AES engine). This read command provides the storage controller with all the information required
`lo read and decrypt the encrypted file from the NAND flash storage:
`
`stemData Protection
`
`tL
`
`ue
`
`Sle lt
`
`pMipato
`
`(Ex. B, Behind the Scenes with iOS Security, at 30.)
`
`ath
`
`CPC Ex. 2005 — Page 263
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 28 of 109
`“sepOS can then use the ephemeral wrapping key to wrap file keys for use by the Application
`Processor file-system driver, When the file-svstem driver reads or writes a file, it sends the
`wrapped key to the AES Engine. ~
`(Ex. A, Apple Platform Security, at 14.)
`
`"All wrapped file key handling occurs in the Secure Enclave; the file keyis never directly exposed to
`the Application Processor.|...) When the Secure Enclave unwraps u file's keys, they're rewrapped with
`the ephemeral key and sent back to the Application Processor.”
`Ald,at 85.)
`=
`7
`The Accused Jnstrumentalities include means forproviding conditional access te the controlled item
`dependent upon said information,
`
`More specifically, the controlled item is a locking mechanism of the door lock of the user's home. The
`Accused Instrumentalities are configured to provide secure access to the user's home via Yale Smart
`Locks when the user provides biometric signal to the Accused Instrumentalities via Touch ID or Face
`ID,
`
`le. means for providing
`conditional gecess lo the
`controlled item dependent
`upon said information,
`
`august-and-yale-locks|)
`
`
`“When the “Secure Remote Access” feature ts turned on,
`
`
`
`This further ensures that your door is only operated bythe right people at the time vou intend
`
`for it.”
`(https://us,yalehome.com/en/yale-news/blog/latest-blog-posts/introducing-biometne-verification-for-
`
`CPC Ex. 2005 — Page 264
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 29 of 109
`
`= Open
`
`Yale
`
`oe
`
`Introducing Biometric Verification for August and Yale Locks
`
`
`
`(https://us. valehome.com/en/yale-news/blog/latest-blog-posts/introducing-biometnie-verfication-for-
`aupust-and-yale-locks |}
`
`-
`
`CPC Ex. 2005 — Page 265
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 30 of 109
`
`
`
`(https: www. apple.com shop product/HPAR JAM) A/yale-assurc-lock-s)-louchsereen-deadboll-black )
`
`
`
`| Lf. wherein the transmitter|Als setforth in elements ffT, 12, 18, and UF below, the Accused Insirumentafities include a
`sub-system further
`fransmitter sub-system comprising means for populating the data base of biometric signatures.
`comprises means for
`| populating the cata base of
`_biometriesignatures, the |
`
`29
`
`CPC Ex. 2005 — Page 266
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`
`
`
`
`
`
`population means
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 31 of 109
`comprising:
`
`
`The Accused Instrumentalities include a transmitter sub-system controller configured to receive a
`1f1. means for receiving a
`
`series ofentries ofthe biometric signal, said series heing characterized according to at least one of
`series of entries of the
`biometric signal, said
`the number ofsaid entries and a duration of each said entry.
`
`
`series being characterised
`
`
`More specifically, the Secure Enclave of the iPhone with the Secure Enclave Processor forms the
`accordingto at least one
`means for receiving a series of entries of the biometric signal.
`of the numberofsaid
`
`entries and a duration of
`
` "Apple's biometric security architecture relies on a strict separation of responsibilities between the
`
`each said entry;
`biometric sensor and the Secure Enclave, and a secure connection between the two, The sensor
`
`captures the biometric image and securely transmits it to the Secure Enclave."
`
`(Ex. A, Apple Platform Security, at 19.)
`
`
`
`Touch ID
`
`
`
`Whena fingeris placed on the biometric sensor, the finger is scanned and the corresponding biometric
`
`signal entry is received by the Secure Enclave.
`
`
`
`"When the fingerprint sensor detects the touch of a finger, it triggers the advanced imaging array to
`
`scan the finger and sends the scan to the Secure Enclave.”
`
`Ud.)
`
`
`
`To enroll a fingerprint in the database, the iPhone's fingerprint sensor records an entry of a biometric
`
`signal whenthe user places his finger on the sensor. This is done multiple times, resulting in a series of
`
`entries of such biometric signals.
`
`sensor will use Touch ID on iPhone.
`
`Receiving a series of entries of the biometric signal by repeatedly placing a finger on the Touch ID
`
`
`
`
`30
`
`CPC Ex. 2005 — Page 267
`ASSA ABLOYABv. CPC Patent Technologies Pty Ltd.
`IPR2022-01045
`
`
`
`Case 3:22-cv-00694-MPS Document 1-10 Filed 05/23/22 Page 32 of 109
`Set up Touch ID
`
`Before you can setup Touch 1D, you must first create a code for your deviee,* then follow these steps:
`|, Make sure the Touch [ID sensor and your finger are clean and diy.
`
`2.
`3.
`
`4.
`
`Tap Settings > Touch ID & Code, and then enter your code
`Tap “Add fingerprint” and hold the device as you normally would when touching the Touch ID
`SEN
`
`Touch the Touch 1D senser with one finger, bul cho not press. Keep your finger on the button until
`
`Ege cores once lege pe ay
`eer
`
`you feel a quick vibration or are prompted to lift your finger. Place Your Finger
`
`A Continue by raising and slowly lowering your finger over and over agam, changing thee positon
`
`
`"|
`
`CPC Ex. 2005 — Page 268
`ASSA ABLOYABv. CPC Patent T
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
