PTAB

IPR2022-00759

NXP USA Inc v. MediaTek Inc

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Computer System Comprising a Secure Boot Mechanism on the Basis of Symmetric Key Encryption
  • Brief Description: The ’037 patent discloses a secure boot mechanism for a computer system. The system uses a symmetric encryption key stored in a central processing unit's (CPU) internal non-volatile memory to verify the integrity of boot data by generating a current signature and comparing it to a stored signature created with the same key.

3. Grounds for Unpatentability

Ground 1: Obviousness over Smith - Claims 1-3, 5-6, and 19-21 are obvious over Smith

  • Prior Art Relied Upon: Smith (Application # US 2008/0165952).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Smith taught a secure booting method and apparatus that rendered all challenged claims obvious. For independent claims 19 and 21, Smith’s chip 105 was alleged to include volatile RAM and non-volatile ROM. Petitioner contended it was obvious to include a CPU core and a bus system on the same substrate to execute the secure boot process Smith described. Smith’s “Unique Identifier” (UID) stored in ROM was mapped to the claimed symmetric encryption key. This UID was used to verify a boot routine by deriving a signature from a code image and comparing it to a stored signature, allegedly meeting the core limitations of independent method claim 1.
    • Motivation to Combine (N/A): For this single-reference ground, Petitioner argued it was obvious to include a CPU core and bus with Smith's disclosed memory components to make Smith's own system functional and perform its described secure-booting processes.
    • Expectation of Success: Petitioner asserted a POSITA would have had a high expectation of success, as integrating a CPU core, memory, and a bus on a single chip was a well-known and predictable design practice for implementing such systems.

Ground 2: Obviousness over Smith and Bolotin - Claim 20 is obvious over Smith in view of Bolotin

  • Prior Art Relied Upon: Smith (Application # US 2008/0165952), Bolotin (WO 2007/014074).
  • Core Argument for this Ground:
    • Prior Art Mapping: This ground specifically targeted claim 20, which adds "a locking mechanism" to the CPU of claim 19, configured to enable access to the non-volatile memory containing the key only upon a reset or power-on event. While arguing Smith already disclosed this functionality, Petitioner introduced Bolotin as teaching a "Memory Lock System" that uses a microcontroller and a "locking function controller" to control access to sensitive information in memory by enabling or disabling power to the memory.
    • Motivation to Combine: A POSITA would combine Bolotin’s power-control locking circuitry with Smith’s system to provide a secure, self-contained means for preventing external access to the sensitive UID stored in ROM. Petitioner noted that Bolotin taught the desirability of integrating its lock system into devices like the "iPODs" mentioned in Smith, directly addressing the known and critical need for improved security in portable electronics.
    • Expectation of Success: Adding Bolotin's straightforward power-control circuitry to Smith's memory system was argued to be a predictable and effective way to securely control access, with no technical hurdles.

Ground 3: Obviousness over Smith and Challener - Claims 5-6 are obvious over Smith in view of Challener

  • Prior Art Relied Upon: Smith (Application # US 2008/0165952), Challener (Application # US 2003/0041254).

  • Core Argument for this Ground:

    • Prior Art Mapping: This ground focused on dependent claims 5 and 6, which require locking the encryption key prior to executing the boot instructions and determining if an upgrade is available. Petitioner asserted that Challener disclosed locking system configuration and access data from external access after it is used for user verification but before executing boot instructions. For claim 6, Petitioner relied on Smith's disclosure of a "device firmware upgrade" (DFU) mode to determine if an updated version of the boot data is available.
    • Motivation to Combine: A POSITA would modify Smith's process to incorporate Challener's "lock-after-use" technique. The motivation was to enhance security by locking Smith's UID after it is used to verify the initial boot code image but before that code is executed, preventing unauthorized access during a vulnerable period.
    • Expectation of Success: Modifying the processing logic of Smith's system to implement Challener's well-understood locking step was presented as a logical and straightforward modification that would predictably improve security.

  • Additional Grounds: Petitioner asserted additional obviousness challenges (Grounds 3 and 4) based on combining Smith with Little (and Bolotin), arguing Little's disclosure of physically integrating an on-chip ROM with a processor would have motivated a POSITA to similarly integrate Smith's ROM and CPU core for enhanced security.

4. Key Claim Construction Positions

  • Petitioner argued the term "a locking mechanism configured to enable..." recited in claim 20 should be construed as a means-plus-function term under 35 U.S.C. §112, ¶ 6. Petitioner asserted that the claim lacked sufficient corresponding structure for the recited function. The corresponding structure in the ’037 patent's specification was identified as "circuitry for enabling or disabling power to the secure ROM containing the symmetric encryption key."

5. Arguments Regarding Discretionary Denial

  • Petitioner argued against discretionary denial under 35 U.S.C. §325(d), asserting that its grounds were not based on substantially the same prior art or arguments previously considered by the USPTO during prosecution. It was contended that the primary reference, Smith, is more material than the art cited by the Examiner. Petitioner alleged Smith discloses a symmetric encryption key stored in non-volatile memory used to verify boot code by comparing a current signature to a stored signature, which adheres more closely to the claims than the previously considered references (e.g., Little, Bhatt, Kumar).

6. Relief Requested

  • Petitioner requested institution of an inter partes review and cancellation of claims 1-3, 5-6, and 19-21 of the ’037 patent as unpatentable.