Federal Reserve Bank Of Atlanta v. Stambler Leon

1. Case Identification

• Case #: IPR2013-00341
• Patent #: 5,793,302
• Filed: June 11, 2013
• Petitioner(s): The Federal Reserve Banks
• Patent Owner(s): Leon Stambler
• Challenged Claims: 7, 8, 31, 33-34, 41-43, 45-48, and 51-56

2. Patent Overview

• Title: METHOD FOR SECURING INFORMATION RELEVANT TO A TRANSACTION
• Brief Description: The ’302 patent discloses methods for securing information in a transaction, such as a funds transfer. The method involves "coding" information associated with a party and storing it in a "credential" to generate a "variable authentication number (VAN)," which is then used to authenticate the party or communications.

3. Grounds for Unpatentability

Ground 1: Anticipation of Claims 7, 41-43, 45, and 48 under §102 by Davies

• Prior Art Relied Upon: Davies (D. W. Davies et al., Security for Computer Networks, 1989).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued Davies taught every limitation of the challenged claims. For method claim 7, Davies was alleged to disclose coding first information (a message) using second information (a sender's private key) to create a signature, and then coding that result with third information (a receiver's public key) to create an enciphered message. Davies also taught using a credential, such as a certificate issued by a trusted key registry, containing non-secret information like a public key. For method claim 41, Petitioner asserted Davies disclosed authenticating a funds transfer using an electronic check. In this system, a customer generates a signature (the VAN) covering payment information, which is then sent to a third-party bank that verifies the signature to authenticate the transaction before transferring funds.

Ground 2: Obviousness of Claims 46 and 51-55 under §103 over Davies in view of Nechvatal

• Prior Art Relied Upon: Davies (D. W. Davies et al., Security for Computer Networks, 1989) and Nechvatal (James Nechvatal, Public-key Cryptography, NIST Special Publication 800-2, April 1991).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner contended that Davies disclosed generating a signature (VAN) using a one-way function applied to transaction information. While Davies taught this, Nechvatal explicitly described that hash functions, a type of one-way function, serve as "cryptographic checksums (i.e., error-detecting codes), thereby validating the contents of a message." Petitioner argued that applying Nechvatal’s teaching rendered it obvious that the VAN in Davies could be generated using an error detection code derived from the funds transfer information, as required by claim 46.
  • Motivation to Combine: A POSITA would combine Nechvatal with Davies to improve the efficiency of the digital signature system. Nechvatal provided the rationale that using hash functions mitigates data expansion and reduces bandwidth requirements for transmission, which were well-known and desirable goals in cryptographic systems like the one described in Davies.
  • Expectation of Success: The combination was argued to be a simple application of a known technique (hashing) to improve a known system (digital signatures), yielding predictable results.

Ground 3: Obviousness of Claims 33 and 34 under §103 over Fischer in view of Nechvatal

• Prior Art Relied Upon: Fischer (Patent 4,868,877) and Nechvatal (James Nechvatal, Public-key Cryptography, NIST Special Publication 800-2, April 1991).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued Fischer taught a method for authenticating a first party using information stored in a credential (a certificate) previously issued by a second party (a higher authority). The credential in Fischer contained a signature (a VAN) and other non-secret information. Fischer disclosed generating a signature by first creating a presignature hash (an error detection code, or EDC1). This EDC1 is then coded using the second party's private key to derive the VAN. To verify, a recipient regenerates the EDC1 (now EDC2) from the credential information and compares it to a regenerated hash (EDC3) derived by uncoding the VAN. Nechvatal was cited to explicitly teach that the hash function used in such a system is an error detection code.
  • Motivation to Combine: A POSITA would have been motivated to implement the certificate generation and verification system of Fischer using the explicit error-detection code teachings of Nechvatal. Nechvatal explained that using hash functions improves signing efficiency by condensing the information to be signed into a fixed-size representation, which was a known and desirable improvement for the system taught by Fischer.
  • Expectation of Success: The combination involved applying a well-understood technique (hashing for efficiency) to a known process (certificate-based authentication) and would have yielded the predictable result of a more efficient and secure system.
• Additional Grounds: Petitioner asserted additional obviousness challenges, including claims 47 and 56 over Davies, Fischer, and Piosenka; claim 8 over Davies and Hellman; and claim 31 over Piosenka and Fischer.

4. Key Claim Construction Positions

• "coding": Petitioner argued for the construction "transforming information by applying a known algorithm." This broad construction, which Petitioner contended was supported by the patent's specification and the patent owner's positions in related litigation, encompassed cryptographic processes like both encryption and decryption, allowing digital signature generation (which uses a private key for a decryption-like operation) to meet the "coding" limitation.
• "error detection code (EDC)": Petitioner proposed construing this term as "the result of applying an algorithm for coding information that, when applied to original information, creates coded information wherein changes to the coded information can be detected without complete recovery of the original information." This construction was critical for mapping prior art hash functions, which produce fixed-length outputs for verifying data integrity, to the claimed "EDC."
• "Variable Authentication Number (VAN)": Proposed as "a variable number resulting from a coding operation that can be used in verifying the identity of a party or the integrity of information or both." This allowed Petitioner to equate digital signatures and other cryptographic outputs from the prior art with the claimed VAN.

5. Relief Requested

• Petitioner requested the institution of an inter partes review and the cancellation of claims 7, 8, 31, 33-34, 41-43, 45-48, and 51-56 of the ’302 patent as unpatentable.